recent Debian Postgres security update

Hi!

I use debian woody and postgres
version 7.2.1 which. i am tring to keep my system up with official debian
fixes and updates.

I did the usual apt-get update && apt-get upgrade and forgot to configure
in pg_hba.conf 'local all trust'. Now it seemingly works all right but i
am worried about the message it gave:

Sorry! I need unrestricted access in /etc/postgresql/pg_hba.conf to update
the databases.

I wonder if you could give me advice what to do to 'update the databases'
properly or should i be worried at all about it? Or i am all right until
next fix when the trouble begins for me?

I looked around and saw that one place which contains this Sorry! etc
thing ise enable_lang script which executes in turn createlang script.
In my case the following query produces output like that


template1=# select * from pg_language;
 lanname  | lanispl | lanpltrusted | lanplcallfoid | lancompiler
----------+---------+--------------+---------------+-------------
 internal | f       | f            |             0 | n/a
 C        | f       | f            |             0 | /bin/cc
 sql      | f       | f            |             0 | postgres
 plpgsql  | t       | t            |        291431 |

Or should i just issue 'enable_lang --all' or better use backups sooner
the better ...



Best Regards, Imre Oolberg


I just thought to bring forward also the whole transcript on messages


bash# apt-get upgrade

Get:1 http://security.debian.org woody/updates/main python2.1 2.1.3-3.2 [1592kB]
Get:2 http://security.debian.org woody/updates/main python 2.1.3-3.2 [25.5kB]
Get:3 http://security.debian.org woody/updates/main libpgsql2 7.2.1-2woody2 [65.2kB]
Get:4 http://security.debian.org woody/updates/main postgresql-client 7.2.1-2woody2 [280kB]
Get:5 http://security.debian.org woody/updates/main postgresql 7.2.1-2woody2 [1550kB]
Fetched 3514kB in 3s (955kB/s)
Reading changelogs...Done
apt-listchanges: Do you want to continue [Y/n]?
(Reading database ... 18312 files and directories currently installed.)
Preparing to replace python2.1 2.1.3-3.1 (using
.../python2.1_2.1.3-3.2_i386.deb) ...
Unpacking replacement python2.1 ...
Preparing to replace python 2.1.3-3.1 (using .../python_2.1.3-3.2_all.deb)
...
Unpacking replacement python ...
Preparing to replace libpgsql2 7.2.1-2 (using
.../libpgsql2_7.2.1-2woody2_i386.deb) ...

Unpacking replacement libpgsql2 ...
Preparing to replace postgresql-client 7.2.1-2 (using
.../postgresql-client_7.2.1-2woody2_i386.deb) ...

Unpacking replacement postgresql-client ...
Preparing to replace postgresql 7.2.1-2 (using
.../postgresql_7.2.1-2woody2_i386.deb) ...
Stopping PostgreSQL database: postmaster
Stopped /usr/lib/postgresql/bin/postmaster (pid 5106 5107 5109 13336).
.

Found an existing database directory at /var/lib/postgres/data
The installed database is of the same version as the one
to be installed. You do not need to dump your database
for reloading.

Stopping PostgreSQL database: postmaster
Stopped /usr/lib/postgresql/bin/postmaster (pid 5106 5107 5109 13336).
.
Unpacking replacement postgresql ...
Setting up libpgsql2 (7.2.1-2woody2) ...

Setting up postgresql-client (7.2.1-2woody2) ...

The file /etc/postgresql/postgresql.env provides the normal set-up for
an ordinary user running PostgreSQL. It is automatically read by the
wrapper script for PostgreSQL user commands in postgresql-client.


Setting up python2.1 (2.1.3-3.2) ...

Setting up postgresql (7.2.1-2woody2) ...
Restarting PostgreSQL database: postmaster
No /usr/lib/postgresql/bin/postmaster found running; none killed.
Starting PostgreSQL postmaster.
postmaster successfully started
.
Enabling the PL procedural language in all PostgreSQL databases...

Sorry! I need unrestricted access in /etc/postgresql/pg_hba.conf to update
the databases.



And in the syslog are the following appropriate section

Sep 12 23:12:18 postgres[5106]: [1] DEBUG:  smart shutdown request
Sep 12 23:12:18 postgres[10236]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[12923]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[12924]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[12925]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[12933]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[13033]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[21322]: [2] FATAL 1:  This connection has
been terminated by the administrator.
Sep 12 23:12:18 postgres[13336]: [2] DEBUG:  shutting down
Sep 12 23:12:20 postgres[13336]: [3] DEBUG:  database system is shut
down
Sep 12 23:12:37 postgres[13483]: [1] DEBUG:  database system was
shut down at 2002-09-12 23:12:20 EEST
Sep 12 23:12:37 postgres[13483]: [2] DEBUG:  checkpoint record is at
0/9A3907C
Sep 12 23:12:37 postgres[13483]: [3] DEBUG:  redo record is at
0/9A3907C; undo record is at 0/0; shutdown TRUE
Sep 12 23:12:37 postgres[13483]: [4] DEBUG:  next transaction id:
299775; next oid: 323503
Sep 12 23:12:37 postgres[13483]: [5] DEBUG:  database system is
ready