[pgpool-hackers: 3454] Re: Pgpool-II default startup user
Tatsuo Ishii
ishii at sraoss.co.jp
Thu Oct 10 11:19:43 JST 2019
> Hi all,
>
> I made a patch to make the pgpool started using "postgres" user by default.
>
> Currently the Pgpool-II startup user is "root" user.
> Because of the security reason, startup Pgpool-II
> using non-root user is recommended.
>
> For this reason, I modified "pgpool.service" file to start
> Pgpool using "postres" user, and allow "postrges" user to
> run "if_up/down_cmd" and "arping_cmd" with sudo without a password.
>
> The default setting of "if_up/down_cmd" and "arping_cmd" is changed:
>
> if_up_cmd = '/usr/bin/sudo /sbin/ip addr add $_IP_$/24 dev enp0s8 label enp0s8:0'
> if_down_cmd = '/usr/bin/sudo /sbin/ip addr del $_IP_$/24 dev enp0s8'
> arping_cmd = '/usr/bin/sudo /usr/sbin/arping -U $_IP_$ -w 1 -I enp0s8'
>
>
> This patch also changes all of the config files permission to 600.
I think you need to change src/config/pool_config_variable.c as well
since the default values for the variables are also appearing in the
file.
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
More information about the pgpool-hackers
mailing list