[Pkg-postgresql-public] Bug#739276: postgresql: Put pgstat in /var/run
Christian Tacke
Christian.Tacke+debian.org at mad-protection.de
Sat Mar 8 11:10:39 UTC 2014
On Fri, Mar 07, 2014 at 13:40:53 +0100, Christoph Berg wrote:
> Re: Martin Pitt 2014-03-07 <20140307090805.GA23354 at piware.de>
> > I think configuring a tmpfs dir by default is a good idea, thanks for
> > pointing that out.
>
> +1.
>
> > > === modified file 'createcluster.conf'
> > > --- createcluster.conf 2013-04-12 12:32:08 +0000
> > > +++ createcluster.conf 2014-02-17 11:26:47 +0000
> > > @@ -23,3 +23,6 @@
> > > # All other options are copied into the new cluster's postgresql.conf
> > >
> > > log_line_prefix = '%%t '
> > > +
> > > +# Starting at version 8.4 one can move the pg_stat_tmp dir
> > > +stats_temp_directory = '/var/run/postgresql/%v-%c_stat_tmp'
> >
> > Note that this is a little too simplistic. This directory is only
> > writable to clusters owned by postgres. While that is the default, you
> > can assign any other owner, and you can even call pg_createcluster as
> > a normal user and put everything into your $HOME; in those cases,
> > /tmp/ will be used for the Unix socket, and we can't use
> > /var/run/postgresql/.
>
> pg_createcluster will still want to write to /etc/postgresql which is
> owned by postgres, so the stats_temp_directory doesn't make the
> situation worse.
>
> > One idea is to add a new "%s" macro to the evaluation of
> > createcluster.conf which expands to the used socket dir, and set
> > stats_temp_directory = '%s/%v-%c_stat_tmp'. That's a little more
> > complex, but always ought to work since we know that the socket dir is
> > writable.
>
> For non-postgres clusters, the socket dir will be /tmp, which isn't a
> tmpfs at least on my machine (I forgot which default Debian really
> decided on in that flameware).
>
> > A simpler solution might be to use /var/run/lock/ instead, which is
> > world-writable (same permissions as /tmp/). It's just a bit of an
> > abuse as these are not really lock files.
>
> /var/run/lock wouldn't work because it's too small (5120k here).
>
> > A third option would be to not put this into createcluster.conf, but
> > dynamically set it up in pg_createcluster; i. e. only postgres-owned
> > clusters would configure this (more specifically, add the option if
> > /var/run/postgresql is writable for the owner, so that admins could
> > put other users into the postgres group).
>
> ... or mount a new tmpfs, but that would require root.
>
> I think this, and the %s idea are too complex for the resulting
> effect. Imho what Christian proposed is just the right approach,
> people can still disable it in createcluster.conf.
>
> Christoph
> --
> cb at df7cb.de | http://www.df7cb.de/
>
--
Money and Data Protection Solutions GmbH & Co. KG, Amtsgericht Mannheim HRA 704567,
vertreten durch ihre Geschaeftsfuehrerin die Money and Data Protection
Solutions Verwaltungs GmbH, Amtsgericht Mannheim HRB 715602,
diese vertreten durch ihre Geschaeftsfuehrer Frau Anna Wangerowski und Herrn Dominic Adenuga
Schopenhauerstr. 2
68165 Mannheim
Germany
Telefon: +49 (0)151 7241 6110
Telefax: +49 (0)521 69983
Email: info at mad-protection.de
Money and Data Protection Solutions GmbH & Co. KG. USt - IdNr.: DE286030691
Money and Data Protection Solutions Verwaltungs GmbH USt - IdNr.: DE286030722
More information about the Pkg-postgresql-public
mailing list