On Thu, Jun 12, 2014 at 10:59 PM, Kyotaro HORIGUCHI < horiguchi.kyot...@lab.ntt.co.jp> wrote:
> Hi, > > > I need to port pgsql onto a controller which doesn't have a framework of > > creating multiple users for administrative purposes. The entire > controller > > is managed by a single root user and that is the reason I am trying to > > change the pgsql initdb behavior. Do you think of any other better > > alternative? > > The reason you didn't see initdb completed is that it execs > postgres on the way. > > As you know, it is strongly discourged on ordinary environment, > but that framework sounds to be a single-user environment like > what MS-DOS was, where any security risk comes from the > characterisc is acceptable. > > I could see initdb and postgres operating as root for the moment > (which means any possible side-effect is not checked) by making > changes at four point in the whole postgresql source > tree. Perhaps only two of them are needed for your wish. > > postgresql $ find . -type f -print | xargs grep -nH 'geteuid() == 0' > ./src/backend/main/main.c:377: if (geteuid() == 0) > ./src/bin/pg_ctl/pg_ctl.c:2121: if (geteuid() == 0) > ./src/bin/initdb/initdb.c:778: if (geteuid() == 0) > /* 0 is root's uid */ > ./src/bin/pg_resetxlog/pg_resetxlog.c:250: if (geteuid() == 0) > > Try replacing these conditions with "(0 && geteuid() == 0)" and > you would see it run as root. > > Maybe a compile option like '--enable-run-as-root' could be added to allow it without the need of change the source code. Regards, -- Fabrízio de Royes Mello Consultoria/Coaching PostgreSQL >> Timbira: http://www.timbira.com.br >> Blog sobre TI: http://fabriziomello.blogspot.com >> Perfil Linkedin: http://br.linkedin.com/in/fabriziomello >> Twitter: http://twitter.com/fabriziomello
