Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1ubHcg-00G5U5-Mp
	for pgsql-general@arkaria.postgresql.org; Mon, 14 Jul 2025 11:45:30 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1ubHce-006wUD-C0
	for pgsql-general@arkaria.postgresql.org; Mon, 14 Jul 2025 11:45:29 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <amol.aai@gmail.com>)
	id 1ubC4p-003lIT-9w
	for pgsql-general@lists.postgresql.org; Mon, 14 Jul 2025 05:50:11 +0000
Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <amol.aai@gmail.com>)
	id 1ubC4n-007SE4-1Q
	for pgsql-general@lists.postgresql.org;
	Mon, 14 Jul 2025 05:50:11 +0000
Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-ae36e88a5daso792764466b.1
        for <pgsql-general@lists.postgresql.org>; Sun, 13 Jul 2025 22:50:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1752472207; x=1753077007; darn=lists.postgresql.org;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=g57NG37xmvNs5BOX/9MZSbJm/+QzioasgEyZvouLJDQ=;
        b=nEBLTPpbvGBQhMHUYqFGk5qOKbBC1ZcjJ9IMHoQJ2sHLsnVa4QSDUf11mhg9zTasoN
         xq3JMpkA5+CAlJXKF482ftMAmJtV6bvNUimJx4OwGhhhcen2GewYzOnQAzwhtDZKevIW
         5aRT+mWejuXbMrxm+R3eFdkmV27gcyiYKbCLUTeoRvjTWaYsbd1ymUXh2O+uUEcton+3
         NY116Hqt27nWkrILDPsWSDkqCOlrIIz32E0EgYqZ9DcNbBa6u3anMJj2zhw9gC/qM9CP
         LtGRyB6pUbguVC9g41D+JHmiWpxvpM/wuudQb8WxdK8Exa2iFrQ13Dt40bSVHdXGdsUg
         bNPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1752472207; x=1753077007;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=g57NG37xmvNs5BOX/9MZSbJm/+QzioasgEyZvouLJDQ=;
        b=bnKPeBgGb1/9FM1++nytTiwGVTagiZsYgLDz2tXOmpm+plh+xUVFvDbA+bAI1FxiwF
         c8/3QtBZoUcHp2SLuVpa3lxXiILvXjVhYTQWRdes12wagyNE5XAapZKRJgCZhJUAXaMG
         LeZHDryBjslA61mwKB4nb7v3sEvHak/mvVZG/BHrzmAE5FG8qhyHeGM5YYFl4jmbomMJ
         ah15M9AYmk3yNLsEvTqS9lQRAMFI6yDt9/OdPrRBgBBUwtyqYPoWXiX14O2H0gSyoLs0
         DOgw3UAeXSJ5LUDES/hFy9Zx3XqDa0oNYagQAGss2k+ReETefRjGprunjZdZUKeEnTCL
         3iLg==
X-Gm-Message-State: AOJu0YzeUuGAk9UP9rAnYmTpMgwYECMBcPXNLoTxQ+1H5ezKuICCL1+L
	YE127dwrgnvVJz8HObzdUAe8YJ3epOkxSl7/MW2ob7guOvSl84laFs8KJPqQf1PhBax2aYbk3qD
	5xxmS3h8nSlSNwgn8lb8AV0ot/vaor/xt5i1+OkU=
X-Gm-Gg: ASbGncv832Y86JQQReIB501v3b9YwGARNPLQc85JuTHKT69m82FfrjkPpDy0YtBxnW1
	Mr3UWuV+20FsHgJZ5/36vlufGV3EOtbx1S3F8xtwkUYX0WUqVjOKdF6Hryp/QR+N9a2z3RuektE
	3V568enUZB1+SmVXZm5ZhEMwMFTNPYTguyWB7N4CLmhEndbglX+tEHnh5yY+2EQVYU8cjZ6NFEZ
	VYMBT8fWtZBe9/4Gtm42tX+3TRqX3zEZbhdZw/N
X-Google-Smtp-Source: AGHT+IFjNsjwKEcjuBP9+Qm/QJxHZ0sSn++aGll0MakUit/CqUW8u0mgBUKjW/uYRHOBO6Xb+marhpsHk6WwJeW5zMg=
X-Received: by 2002:a17:906:1b59:b0:ae0:be38:64bf with SMTP id
 a640c23a62f3a-ae6fc3656afmr953443366b.58.1752472206874; Sun, 13 Jul 2025
 22:50:06 -0700 (PDT)
MIME-Version: 1.0
From: Amol Inamdar <amol.aai@gmail.com>
Date: Mon, 14 Jul 2025 11:19:55 +0530
X-Gm-Features: Ac12FXz-6MOYjzEEGBA8r7tPoL0NDkdEzU7QAlRfTfrppx7lPbBWYxR4FK_iPHM
Message-ID: <CAGOe9RiRUK9K8gUbsMfg8nWDsM2Fd9py-2oe4VG1Uaggu8fQGA@mail.gmail.com>
Subject: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure
 z/OS NFS (AT-TLS)
To: pgsql-general@lists.postgresql.org
Content-Type: multipart/alternative; boundary="0000000000005ea0ed0639dd3bac"
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CAGOe9RiRUK9K8gUbsMfg8nWDsM2Fd9py-2oe4VG1Uaggu8fQGA%40mail.gmail.com>
Precedence: bulk

--0000000000005ea0ed0639dd3bac
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Dear PostgreSQL Community,

I'm currently running PostgreSQL version 16.6 inside a Docker container
(base image: UBI 9), using Docker Compose. The PostgreSQL data directory
is mounted from an NFS volume hosted on a z/OS NFS server.

The environment has a few constraints:

- The NFS server runs on z/OS with AT-TLS enabled.
- It=E2=80=99s a highly secure and access-controlled setup.
- Due to platform restrictions on z/OS, the mounted NFS directory cannot
  be owned by the PostgreSQL user (e.g., `postgres`) inside the container.
- As a result, PostgreSQL fails to start because of the directory
  ownership validation check.

Given the secure nature of the NFS server, I=E2=80=99d like to ask:

1. Is there a supported or recommended way to bypass the ownership
   check on the data directory?
2. What are the potential risks or implications of doing so in a secure
   NFS environment?
3. I'm considering building a custom PostgreSQL image by modifying the
   `miscinit.c` file=E2=80=94specifically, disabling the ownership check in=
 the
   `checkDataDir()` function. Is this a reasonable approach, and are
   there any caveats or unintended side effects I should be aware of?

**Disclaimer**: The z/OS NFS server is secured using AT-TLS and enforces
strict access control policies. My intention is not to weaken
PostgreSQL=E2=80=99s security model, but to adapt to platform-specific
constraints while maintaining overall security integrity.

Any insights, experiences, or alternative suggestions would be greatly
appreciated.

Best regards,
Amol

--0000000000005ea0ed0639dd3bac
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Dear PostgreSQL Community,<br><br>I&#39;m currently runnin=
g PostgreSQL version 16.6 inside a Docker container<br>(base image: UBI 9),=
 using Docker Compose. The PostgreSQL data directory<br>is mounted from an =
NFS volume hosted on a z/OS NFS server.<br><br>The environment has a few co=
nstraints:<br><br>- The NFS server runs on z/OS with AT-TLS enabled.<br>- I=
t=E2=80=99s a highly secure and access-controlled setup.<br>- Due to platfo=
rm restrictions on z/OS, the mounted NFS directory cannot<br>=C2=A0 be owne=
d by the PostgreSQL user (e.g., `postgres`) inside the container.<br>- As a=
 result, PostgreSQL fails to start because of the directory<br>=C2=A0 owner=
ship validation check.<br><br>Given the secure nature of the NFS server, I=
=E2=80=99d like to ask:<br><br>1. Is there a supported or recommended way t=
o bypass the ownership<br>=C2=A0 =C2=A0check on the data directory?<br>2. W=
hat are the potential risks or implications of doing so in a secure<br>=C2=
=A0 =C2=A0NFS environment?<br>3. I&#39;m considering building a custom Post=
greSQL image by modifying the<br>=C2=A0 =C2=A0`miscinit.c` file=E2=80=94spe=
cifically, disabling the ownership check in the<br>=C2=A0 =C2=A0`checkDataD=
ir()` function. Is this a reasonable approach, and are<br>=C2=A0 =C2=A0ther=
e any caveats or unintended side effects I should be aware of?<br><br>**Dis=
claimer**: The z/OS NFS server is secured using AT-TLS and enforces<br>stri=
ct access control policies. My intention is not to weaken<br>PostgreSQL=E2=
=80=99s security model, but to adapt to platform-specific<br>constraints wh=
ile maintaining overall security integrity.<br><br>Any insights, experience=
s, or alternative suggestions would be greatly<br>appreciated.<br><br>Best =
regards, =C2=A0<br>Amol<br></div>

--0000000000005ea0ed0639dd3bac--