At Fri, 15 Feb 2019 08:15:24 +0900, Michael Paquier <mich...@paquier.xyz> wrote in <20190214231524.gc2...@paquier.xyz> > On Thu, Feb 14, 2019 at 11:21:19PM +1100, Haribabu Kommi wrote: > > On Thu, Feb 14, 2019 at 8:57 PM Magnus Hagander <mag...@hagander.net> wrote: > >> I think it could be argued that neither initdb *or* pg_basebackup should > >> change the permissions on an existing directory, because the admin may have > >> done that intentionally. But when they do create the directory, they should > >> follow the same patterns. > > > > Hmm, even if the administrator set some specific permissions to the data > > directory, PostgreSQL server doesn't allow server to start if the > > permissions are not (0700) for versions less than 11 and (0700 or > > 0750) for version 11 or later. > > Yes, particularly with pg_basebackup -R this adds an extra step in the > user flow.
I disagree that pg_basebackup rejects directories other than specific permissions, since it is just a binary backup tool, which is not exclusive to making replication-standby. It ought to be runnable and actually runnable by any OS users even by root, for who postgres rejects to start. As mentioned upthread, it is safe-side failure that server rejects to run on it. > > To let the user to use the PostgreSQL server, user must change the > > permissions of the data directory. So, I don't see a problem in > > changing the permissions by these tools. > > I certainly agree with the point of Magnus that both tools should > behave consistently, and I cannot actually imagine why it would be > useful for an admin to keep a more permissive data folder while all > the contents already have umasks set at the same level as the primary > (or what initdb has been told to use), but perhaps I lack imagination. > If we doubt about potential user impact, the usual, best, answer is to > let back-branches behave the way they do now, and only do something on > HEAD. initdb is to create a directory on which server works and rather rejects existing directory, so I think the "incosistency" seems fine. I can live with some new options, say --create-New-directory or --check-directory-Permission. regards. -- Kyotaro Horiguchi NTT Open Source Software Center
