On 3/15/18 3:17 AM, Michael Paquier wrote:
> On Wed, Mar 14, 2018 at 02:08:19PM -0400, David Steele wrote:
>
> When taking a base backup from a data folder which has group access,
> then the tar data, as well as the untar'ed data, are still using
> 0600 as umask for files and 0700 for folders. Is that an expected
> behavior? I would have imagined that sendFileWithContent() and
> _tarWriteDir() should enforce the file mode to have group access if the
> cluster has been initialized to work as such.
We can certainly make base backup understand the group access mode.
Should we continue hard-coding the mode, or use the actual dir/file mode?
> Still as this is a
> feature aimed at being used for custom backups, that's not really a
> blocker I guess.
Seems like a good thing to do, though, so I'll have a look for the next
patch.
> Visibly there would be no need for a -g switch in
> pg_basebackup as it is possible to guess from the received untar'ed
> files what should be the permissions of the data based on what is
> received in pg_basebackup.c. It would also be necessary to change the
> permissions of pg_wal as this is created before receiving any files.
This part might be trickier.
> Speaking of which, we may want to switch the values used for st_mode to
> what file_perm.h is giving in basebackup.c?
Will do.
> We should also replace the hardcoded 0700 value in pg_backup_directory.c
> by what file_perm.h offers? I would recommend to not touch at mkdtemp.c
> as this comes from NetBSD.
Will do.
> +=item $node->group_access()
> +
> +Does the data dir allow group access?
> +
> Nit: s/dir/directory/.
>
> Indentation is weird in PostgresNode.pm for some of the chmod calls
> (tabs not spaces please).
I'll fix these in the next patch as well.
Thanks,
--
-David
david@pgmasters.net