Re: sudo/access to the postres OS user

Поиск
Список
Период
Сортировка
От Athanasios Kostopoulos
Тема Re: sudo/access to the postres OS user
Дата
Msg-id CAFnWstPdiEMORj8G5+YtQEWSw3sbY1zUkZmO2V_2NFCdRk1u+g@mail.gmail.com
обсуждение исходный текст
Ответ на Re: sudo/access to the postres OS user  (Luca Ferrari <fluca1978@infinito.it>)
Список pgsql-novice
Дерево обсуждения
Even if Austen is able to run a shell, will that not spell trouble as it might be perceived as a violation of the policy set by the system administrators? Just to be on the safe side, ask for permission first.


On Mon, Aug 19, 2013 at 10:43 AM, Luca Ferrari <fluca1978@infinito.it> wrote:
On Fri, Aug 16, 2013 at 5:01 PM, Birchall, Austen
<austen.birchall@metoffice.gov.uk> wrote:

> However for a 24/7 WAL mode database would I need access to the contents of
> the pg_xlog directory?
>
>
>
> Also it I need to do a PITR wouldn’t I need rw access to just about
> everything?
>

Well, the recovery is performed by PostgreSQL itself, so the short
answer is no. You need access to the recovery.conf file and, to some
extent, to the wal archiving space for cleanup and maintenance.
Now it should be interesting to know what you are allowed to do,
because if you have access only to "psql" executable via sudo then
you'll not be able to do a pitr (you need to control the cluster). If
you have the capability to launch a text editor (e.g., Emacs) you
could be able to run a shell (or a shell command) from within that.
If protection is the aim then the cluster has to be carefully set up
(with directory and permissions splitted) so that you can have access
to the objects you need.

Luca


--
Sent via pgsql-novice mailing list (pgsql-novice@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-novice


classmarkets GmbH | Schumannstraße 6 | 10117 Berlin | Deutschland
Tel: +49 (0)30 56 59 001-0 | Fax: +49 (0)30 56 59 001-99 | www.classmarkets.com

Amtsgericht Charlottenburg HRB 111815 B | USt.Id.Nr: DE 260731582
Geschäftsführer: Veit Mürz, Fabian Ströhle

Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen, kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig oder teilweise, ist unzulässig. Bitte beachten Sie, dass E-Mail-Nachrichten an den Absender nicht für fristgebundene Mitteilungen geeignet sind. Fristgebundene Mitteilungen sind daher ausschließlich per Post oder per Telefax zu übersenden.

В списке pgsql-novice по дате отправления:

Предыдущее
От: Luca Ferrari
Дата:
Сообщение: Re: sudo/access to the postres OS user
Следующее
От: Athanasios Kostopoulos
Дата:
Сообщение: Problem with backing up a large database