On Wed, Jun 06, 2012 at 11:32:45AM -0400, Tom Lane wrote: > I had forgotten that conversation, but it does seem like there is > interest in this type of configuration. Can anybody confirm that > dropping a socket into a chroot or jail would actually work, ie > make it possible to connect from inside the chroot to a postmaster > running outside? If that's real and not just wishful thinking, > it seems like enough of an argument to justify supporting N sockets.
We need to deal with exactly this sort of issue with schroot, where we may want to provide programs in the chroot with access to facilities outside the chroot. We generally just bind mount in the minimal set of stuff needed. This might mean binding just the socket, or it could be /var/run/postgresql. We do this for the X11 socket for our desktop configuration profile to permit X11 programs to run in a chroot, though we currently bind mount all of /tmp rather than just the socket, since we want that as well in any case. (http://people.debian.org/~rleigh/schroot.pdf) While not exactly what was proposed (multiple sockets), this allows one to re-use a single socket without the daemon requiring any special support for it. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools `- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800 -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
