| From: | David Steele <david(at)pgmasters(dot)net> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz>, Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Adam Brightwell <adam(dot)brightwell(at)crunchydata(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, "Tsunakawa, Takayuki" <tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PATCH: Configurable file mode mask |
| Date: | 2018-03-27 20:21:09 |
| Message-ID: | d18ac852-92d8-532f-66ac-973e6b031d9a@pgmasters.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 3/20/18 11:14 PM, Michael Paquier wrote:
> On Tue, Mar 20, 2018 at 05:44:22PM -0400, Stephen Frost wrote:
>> * David Steele (david(at)pgmasters(dot)net) wrote:
>>> On 3/16/18 11:12 AM, Stephen Frost wrote:
>>> It seems to me that pg_basebackup and pg_receivexlog should have a -g
>>> option to control the mode of the files that they write to disk (not
>>> including the modes stored in the tar files).
>>>
>>> Or perhaps we should just update the perms in the tar files for now and
>>> leave the rest alone.
>>
>> Having options to pg_basebackup to control what's done makes sense to
>> me- but whatever those options do, I'd expect them to apply equally to
>> the tar files and to the files extracted with plain mode. Having those
>> be different really strikes me as very odd.
>
> Agreed for the consistency part, permissions should be applied
> consistently for the folder and the tar format.
>
> Having the option for pg_receivewal definitely makes sense to me, as it
> is the one in charge of opening and writing the WAL segments. For
> pg_basebackup, let's not forget that there is one tar file for each
> tablespace, and that each file is received separately using a COPY
> stream. There is some logic already which parses the tar header part of
> an individual file in order to look for recovery.conf (see
> ReceiveTarFile() in pg_basebackup.c). It would be possible to enforce
> grouping permissions when receiving each file, and this would be rather
> low-cost in performance I think. Honestly, my vote would go for having
> the permissions set correctly by the source server as this brings
> consistency to the whole experience without complicating the interface
> of pg_basebackup, and this also makes the footprint of this patch on
> pg_basebackup way lighter.
These updates address Michael's latest review and implement group access
for pg_basebackup, pg_receivewal, and pg_recvlogical. A new internal
GUC, data_directory_group_access, allows remote processes to determine
the correct mode using the existing SHOW protocol command.
I have dropped patch 01, which added the pg_resetwal tests. The tests
Peter added recently are sufficient for this patch so I'll pursue adding
the other tests separately to avoid noise on this thread.
Thanks,
--
-David
david(at)pgmasters(dot)net
| Attachment | Content-Type | Size |
|---|---|---|
| group-access-v12-01-file-perm.patch | text/plain | 38.8 KB |
| group-access-v12-02-group.patch | text/plain | 40.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2018-03-27 21:18:18 | Re: [HACKERS] A design for amcheck heapam verification |
| Previous Message | Fujii Masao | 2018-03-27 19:45:49 | Re: [bug fix] pg_rewind creates corrupt WAL files, and the standby cannot catch up the primary |