On Thu, Feb 14, 2019 at 06:34:07PM +1100, Haribabu Kommi wrote: > we have an application that is used to create the data directory with
Well, initdb would do that happily, so there is no actual any need to do that to begin with. Anyway.. > owner access (0700), but with initdb group permissions option, it > automatically > converts to (0750) by the initdb. But pg_basebackup doesn't change it when > it tries to do a backup from a group access server. So that's basically the opposite of the case I was thinking about, where you create a path for a base backup with permissions strictly higher than 700, say 755, and the base backup path does not have enough restrictions. And in your case the permissions are too restrictive because of the application creating the folder itself but they should be relaxed if group access is enabled. Actually, that's something that we may want to do consistently across all branches. If an application calls pg_basebackup after creating a path, they most likely change the permissions anyway to allow the postmaster to start. -- Michael
signature.asc
Description: PGP signature
