[pgpool-committers: 6290] pgpool: Start pgpool using "postgres" user by default.
Bo Peng
pengbo at sraoss.co.jp
Thu Oct 10 14:47:13 JST 2019
Start pgpool using "postgres" user by default.
Currently the Pgpool-II startup user is "root" user.
Because of the security reason, startup Pgpool-II
using non-root user is recommended.
For this reason, I modified "pgpool.service" file to start
Pgpool using "postres" user, and allow "postrges" user to
run "if_up/down_cmd" and "arping_cmd" with sudo without a password.
The default setting of "if_up/down_cmd" and "arping_cmd" is changed:
if_up_cmd = '/usr/bin/sudo /sbin/ip addr add $_IP_$/24 dev eth0 label eth0:0'
if_down_cmd = '/usr/bin/sudo /sbin/ip addr del $_IP_$/24 dev eth0'
arping_cmd = '/usr/bin/sudo /usr/sbin/arping -U $_IP_$ -w 1 -I eth0'
If if_up/down_cmd or arping_cmd starts with "/",
the setting specified in "if_cmd_path" or "arping_path" will be ignored.
This patch also changes all of the config files permission to 600.
Branch
------
master
Details
-------
https://git.postgresql.org/gitweb?p=pgpool2.git;a=commitdiff;h=1c430c0d2790bf2a054fb53b2a8b906a5d92e365
Modified Files
--------------
doc.ja/src/sgml/watchdog.sgml | 50 ++++++++++++++++++++++++++----
doc/src/sgml/watchdog.sgml | 25 +++++++++++++--
src/config/pool_config_variables.c | 6 ++--
src/pgpool.spec | 31 ++++++++++++------
src/redhat/pgpool.service | 3 ++
src/sample/pgpool.conf.sample | 10 +++---
src/sample/pgpool.conf.sample-logical | 12 ++++---
src/sample/pgpool.conf.sample-master-slave | 12 ++++---
src/sample/pgpool.conf.sample-replication | 12 ++++---
src/sample/pgpool.conf.sample-stream | 12 ++++---
src/watchdog/wd_if.c | 19 ++++++++++--
src/watchdog/wd_utils.c | 3 ++
12 files changed, 147 insertions(+), 48 deletions(-)
More information about the pgpool-committers
mailing list