Обсуждение: how to vacuum from cron?

Поиск
Список
Период
Сортировка

how to vacuum from cron?

От
John Madden
Дата:
I guess the subject says it all -- what's the easiest way to do a vacuum
(say, nightly) if you're not allowing "trust" from local unix sockets?
(Counting out, of course, putting a password in any files...)

Thanks,
 John





--
# John Madden  weez@freelists.org ICQ: 2EB9EA
# FreeLists, Free mailing lists for all: http://www.freelists.org
# UNIX Systems Engineer, Ivy Tech State College: http://www.ivy.tec.in.us
# Linux, Apache, Perl and C: All the best things in life are free!

Re: how to vacuum from cron?

От
Tom Lane
Дата:
John Madden <weez@freelists.org> writes:
> I guess the subject says it all -- what's the easiest way to do a vacuum
> (say, nightly) if you're not allowing "trust" from local unix sockets?
> (Counting out, of course, putting a password in any files...)

Perhaps do it across a local TCP connection and use ident to verify?

            regards, tom lane

Re: how to vacuum from cron?

От
Doug McNaught
Дата:
Tom Lane <tgl@sss.pgh.pa.us> writes:

> John Madden <weez@freelists.org> writes:
> > I guess the subject says it all -- what's the easiest way to do a vacuum
> > (say, nightly) if you're not allowing "trust" from local unix sockets?
> > (Counting out, of course, putting a password in any files...)
>
> Perhaps do it across a local TCP connection and use ident to verify?

And if you think this is somehow more secure than trusting Unix
sockets, I have a bridge to sell you...  ;)

-Doug (who wants to hack RSA authentication into Postgres now)

Re: how to vacuum from cron?

От
Tom Lane
Дата:
Doug McNaught <doug@wireboard.com> writes:
> Tom Lane <tgl@sss.pgh.pa.us> writes:
>> Perhaps do it across a local TCP connection and use ident to verify?

> And if you think this is somehow more secure than trusting Unix
> sockets, I have a bridge to sell you...  ;)

Why?  It's your own ident daemon you're trusting, not a remote one.

            regards, tom lane

Re: how to vacuum from cron?

От
Doug McNaught
Дата:
Tom Lane <tgl@sss.pgh.pa.us> writes:

> Doug McNaught <doug@wireboard.com> writes:
> > Tom Lane <tgl@sss.pgh.pa.us> writes:
> >> Perhaps do it across a local TCP connection and use ident to verify?
>
> > And if you think this is somehow more secure than trusting Unix
> > sockets, I have a bridge to sell you...  ;)
>
> Why?  It's your own ident daemon you're trusting, not a remote one.

I agree that is somewhat better, but it still makes my skin crawl.  ;)
Some Unices (eg Linux) will honor permissions and ownership on Unix
sockets; I'd much prefer to use that mechanism if it's available.

-Doug

Re: how to vacuum from cron?

От
Peter Eisentraut
Дата:
Doug McNaught writes:

> I agree that is somewhat better, but it still makes my skin crawl.  ;)
> Some Unices (eg Linux) will honor permissions and ownership on Unix
> sockets; I'd much prefer to use that mechanism if it's available.

That mechanism happens to be available in 7.1, but note that once you turn
down (or up) the permissions on the socket file, it affects everyone, not
only your cron user.

--
Peter Eisentraut      peter_e@gmx.net       http://yi.org/peter-e/