mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix process startup in pg_rewind.

Browse Source 
Don't allow pg_rewind to run as root on Unix platforms, as any new or
replaced files in the data directory would become owned by root. On Windows,
it can run under a user that has Administrator rights, but a restricted
token needs to be used. This is the same we do e.g. in pg_resetxlog.

Also, add missing set_pglocale_pgservice() call, to fix localization.

Michael Paquier and Fujii Masao
This commit is contained in:
Heikki Linnakangas 2015-04-07 23:04:25 +03:00
parent 1cdf4d0b6a
commit 8a06c36aff
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/bin/pg_rewind/nls.mk
View File

@ -1,7 +1,7 @@
# src/bin/pg_rewind/nls.mk # src/bin/pg_rewind/nls.mk
CATALOG_NAME = pg_rewind CATALOG_NAME = pg_rewind
AVAIL_LANGUAGES = AVAIL_LANGUAGES =
GETTEXT_FILES = copy_fetch.c datapagemap.c fetch.c filemap.c libpq_fetch.c logging.c parsexlog.c pg_rewind.c timeline.c ../../common/fe_memutils.c ../../../src/backend/access/transam/xlogreader.c GETTEXT_FILES = copy_fetch.c datapagemap.c fetch.c filemap.c libpq_fetch.c logging.c parsexlog.c pg_rewind.c timeline.c ../../common/fe_memutils.c ../../common/restricted_token.c ../../../src/backend/access/transam/xlogreader.c
GETTEXT_TRIGGERS = pg_log pg_fatal report_invalid_record:2 GETTEXT_TRIGGERS = pg_log pg_fatal report_invalid_record:2
GETTEXT_FLAGS = pg_log:2:c-format \ GETTEXT_FLAGS = pg_log:2:c-format \

17
src/bin/pg_rewind/pg_rewind.c
View File

@ -24,6 +24,7 @@
#include "access/xlog_internal.h" #include "access/xlog_internal.h"
#include "catalog/catversion.h" #include "catalog/catversion.h"
#include "catalog/pg_control.h" #include "catalog/pg_control.h"
#include "common/restricted_token.h"
#include "getopt_long.h" #include "getopt_long.h"
#include "storage/bufpage.h" #include "storage/bufpage.h"
@ -102,6 +103,7 @@ main(int argc, char **argv)
TimeLineID endtli; TimeLineID endtli;
ControlFileData ControlFile_new; ControlFileData ControlFile_new;
set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pg_rewind"));
progname = get_progname(argv[0]); progname = get_progname(argv[0]);
/* Process command-line arguments */ /* Process command-line arguments */
@ -174,6 +176,21 @@ main(int argc, char **argv)
exit(1); exit(1);
} }
/*
* Don't allow pg_rewind to be run as root, to avoid overwriting the
* ownership of files in the data directory. We need only check for root
* -- any other user won't have sufficient permissions to modify files in
* the data directory.
*/
#ifndef WIN32
if (geteuid() == 0)
pg_fatal("cannot be executed by \"root\"\n"
"You must run %s as the PostgreSQL superuser.\n",
progname);
#endif
get_restricted_token(progname);
/* Connect to remote server */ /* Connect to remote server */
if (connstr_source) if (connstr_source)
libpqConnect(connstr_source); libpqConnect(connstr_source);