Postgres and chroot

From
Melvyn Sopacua
Date:
Hi all,

I'm new to the list as well as to Postgres. At present we're using MySQL, on a BSD platform, and migrating the databases to AIX, keeping BSD on the frontend. The frontend is powered by PHP and Apache and a few Perl scripts since I just love GD::Graphs3d :-).

I hope I can contribute in the near future, but my guess is, I'll be askin' a lot first :-). Especially since it's quite a different setup as opposed to MySQL.

We're considering Postgres at least for some more demanding web applications and therefore I've set up a little test environment at home on a similar box (well - software/OS then).

As for the first questions:
It's customary for us to run web-accessible services chrooted. However, postgres needs to change user context and chroot requires the root user. There are two things bugging me about the current Postgres implementation, with respect to a chrooted environment:
1) Postgres requires me to have 'su' in the chrooted env
2) Postgres makes a shell call to the 'cp' command when creating new databases.

The first I've overcome, with the not-so-elegant script below, but the second is not so easy.
So my questions:

-- Does anybody run PostgreSQL chrooted and so, how?
-- Is there a way to use PostgreSQL and not have `cp' in the environment?

Many thanx, in advance.

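The startup script:
$ cat /chroot/pgsql/startpgsql.sh
#!/bin/sh

# Temporarily copy su into the chroot so the postmaster can be started as postgres.
cp -p /usr/bin/su /chroot/bin/su

/usr/sbin/chroot /chroot /bin/su postgres -c "/pgsql/bin/postmaster -i -D /pgsql/data &"

# Give the postmaster time to start, then remove su from the chroot again.
sleep 2

rm /chroot/bin/su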




--

Best regards,

Melvyn Sopacua


Re: Postgres and chroot

From
Tom Lane
Date:
Melvyn Sopacua <mdev@idg.nl> writes:
> 1) Postgres requires me to have 'su' in the chrooted env

Postgres itself doesn't use su.  Surely you can figure out a way to
run a program as non-root inside the chroot area (login, maybe)?
There's nothing that says you have to use that particular start script.

> 2) Postgres makes a shell call to the 'cp' command when creating new databases.

Yup.  Live with it, or reimplement recursive cp in CREATE DATABASE.
Don't forget 'rm' too for DROP DATABASE.  I don't really see the point
though; why shouldn't cp/rm be available inside the chroot playpen?

> -- Does anybody run PostgreSQL chrooted and so, how?

I'm pretty sure uunet is running multiple Postgreses chrooted to
different places on the same system.

However, I wonder if you aren't adopting a MySQL-driven worldview
in assuming that you need to do this in the first place.  Since Postgres
doesn't run as root, and doesn't expose any filesystem access capability
to non-superusers, the need to put it in a chroot playpen seems much
less to me.

            regards, tom lane
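
Added example, not part of the thread and not PostgreSQL code: one way to run the postmaster as non-root inside the chroot area without ever placing su there is a small launcher that calls chroot(), drops root, and then execs the server. The paths come from the startup script above; the numeric uid/gid 70 is a placeholder, since the thread does not give the postgres account's ids.

```c
/* Added example: chroot first, drop root, then exec the postmaster, so no
 * su binary (or any other setuid helper) has to exist inside the jail. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 0 once the process is confined to `root` and running as uid/gid;
 * returns -1 (errno set) on any failure, so the caller can abort. */
int jail_and_drop(const char *root, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) {            /* never "drop" to root */
        errno = EINVAL;
        return -1;
    }
    if (chroot(root) != 0 || chdir("/") != 0)  /* chdir closes the cwd escape */
        return -1;
    /* Order matters: groups and gid must be changed while still root. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the drop cannot be undone before running anything else. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    /* Paths are those of the script in the thread; 70 is a placeholder
     * for the postgres uid/gid (assumption, override on the command line). */
    uid_t uid = (argc > 1) ? (uid_t)atoi(argv[1]) : 70;
    gid_t gid = (argc > 2) ? (gid_t)atoi(argv[2]) : 70;
    char *const pm[] = { "/pgsql/bin/postmaster", "-i", "-D", "/pgsql/data", NULL };

    if (jail_and_drop("/chroot", uid, gid) != 0) {
        perror("jail_and_drop");
        return 1;
    }
    execv(pm[0], pm);                      /* resolved inside the new root */
    perror("execv");
    return 1;
}
```

The launcher itself lives outside the chroot and is started as root, so the copy-then-remove of su in the original script is no longer needed.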