[Pkg-postgresql-public] Bug#739276: postgresql: Put pgstat in /var/run

Fri Mar 7 12:40:53 UTC 2014

Re: Martin Pitt 2014-03-07 <20140307090805.GA23354 at piware.de>
> I think configuring a tmpfs dir by default is a good idea, thanks for
> pointing that out.

+1.

> > === modified file 'createcluster.conf'
> > --- createcluster.conf	2013-04-12 12:32:08 +0000
> > +++ createcluster.conf	2014-02-17 11:26:47 +0000
> > @@ -23,3 +23,6 @@
> >  # All other options are copied into the new cluster's postgresql.conf
> >  
> >  log_line_prefix = '%%t '
> > +
> > +# Starting at version 8.4 one can move the pg_stat_tmp dir
> > +stats_temp_directory = '/var/run/postgresql/%v-%c_stat_tmp'
> 
> Note that this is a little too simplistic. This directory is only
> writable to clusters owned by postgres. While that is the default, you
> can assign any other owner, and you can even call pg_createcluster as
> a normal user and put everything into your $HOME; in those cases,
> /tmp/ will be used for the Unix socket, and we can't use
> /var/run/postgresql/.

pg_createcluster will still want to write to /etc/postgresql which is
owned by postgres, so the stats_temp_directory doesn't make the
situation worse.

> One idea is to add a new "%s" macro to the evaluation of
> createcluster.conf which expands to the used socket dir, and set
> stats_temp_directory = '%s/%v-%c_stat_tmp'. That's a little more
> complex, but always ought to work since we know that the socket dir is
> writable.

For non-postgres clusters, the socket dir will be /tmp, which isn't a
tmpfs at least on my machine (I forgot which default Debian really
decided on in that flameware).

> A simpler solution might be to use /var/run/lock/ instead, which is
> world-writable (same permissions as /tmp/). It's just a bit of an
> abuse as these are not really lock files.

/var/run/lock wouldn't work because it's too small (5120k here).

> A third option would be to not put this into createcluster.conf, but
> dynamically set it up in pg_createcluster; i. e. only postgres-owned
> clusters would configure this (more specifically, add the option if
> /var/run/postgresql is writable for the owner, so that admins could
> put other users into the postgres group).

... or mount a new tmpfs, but that would require root.

I think this, and the %s idea are too complex for the resulting
effect. Imho what Christian proposed is just the right approach,
people can still disable it in createcluster.conf.

Christoph
-- 
cb at df7cb.de | http://www.df7cb.de/