public inbox for [email protected]
help / color / mirror / Atom feedpgbouncer packaging issue
5+ messages / 4 participants
[nested] [flat]
* pgbouncer packaging issue
@ 2018-01-09 18:47 Brandon Snider <[email protected]>
2018-01-09 18:59 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Brandon Snider @ 2018-01-09 18:47 UTC (permalink / raw)
To: pgsql-pkg-yum
Hi, I have an issue to report with a config file shipped in the
pgbouncer package.
You're installing /usr/lib/tmpfiles.d/pgbouncer.conf to create the
/var/run/pgbouncer dir, but the permissions on that dir are too
restrictive -- 700 -- for any file to be read by any user except
pgbouncer and root. In my situation, for whatever reason my PHP
implementation can't read unix sockets in /tmp, and I would like to
install the socket to the /var/run dir since the pgbouncer user has
write permissions there. This is a very similar situation as the
postgresql conf file which creates the /var/run/postgresql dir. I
could manually change the directory permission myself, but it would be
overwritten the next time there's a bouncer update.
Thanks.
-- Brandon J. Snider
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: pgbouncer packaging issue
2018-01-09 18:47 pgbouncer packaging issue Brandon Snider <[email protected]>
@ 2018-01-09 18:59 ` Peter Eisentraut <[email protected]>
2018-01-09 21:11 ` Re: pgbouncer packaging issue Christoph Berg <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Peter Eisentraut @ 2018-01-09 18:59 UTC (permalink / raw)
To: Brandon Snider <[email protected]>; pgsql-pkg-yum
On 1/9/18 13:47, Brandon Snider wrote:
> You're installing /usr/lib/tmpfiles.d/pgbouncer.conf to create the
> /var/run/pgbouncer dir, but the permissions on that dir are too
> restrictive -- 700 -- for any file to be read by any user except
> pgbouncer and root. In my situation, for whatever reason my PHP
> implementation can't read unix sockets in /tmp,
That might need further explanation.
> and I would like to
> install the socket to the /var/run dir since the pgbouncer user has
> write permissions there. This is a very similar situation as the
> postgresql conf file which creates the /var/run/postgresql dir. I
> could manually change the directory permission myself, but it would be
> overwritten the next time there's a bouncer update.
Depending on the operating system, you should put the socket into /tmp
or /var/run/postgresql, because that's where a PostgreSQL client would
expect it. The client isn't supposed to know that it's connecting to
pgbouncer instead. So /var/run/pgbouncer is in any case not a
designated place for a Unix-domain socket.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: pgbouncer packaging issue
2018-01-09 18:47 pgbouncer packaging issue Brandon Snider <[email protected]>
2018-01-09 18:59 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
@ 2018-01-09 21:11 ` Christoph Berg <[email protected]>
2018-01-10 14:56 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Christoph Berg @ 2018-01-09 21:11 UTC (permalink / raw)
To: [email protected]; Peter Eisentraut <[email protected]>; Brandon Snider <[email protected]>; pgsql-pkg-yum
Am 9. Januar 2018 19:59:04 MEZ schrieb Peter Eisentraut <[email protected]>:
>On 1/9/18 13:47, Brandon Snider wrote:
>> You're installing /usr/lib/tmpfiles.d/pgbouncer.conf to create the
>> /var/run/pgbouncer dir, but the permissions on that dir are too
>> restrictive -- 700 -- for any file to be read by any user except
>> pgbouncer and root. In my situation, for whatever reason my PHP
>> implementation can't read unix sockets in /tmp,
>
>That might need further explanation.
That's likely systemd at work. By default, each process gets its own /tmp bind-mounted.
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: pgbouncer packaging issue
2018-01-09 18:47 pgbouncer packaging issue Brandon Snider <[email protected]>
2018-01-09 18:59 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
2018-01-09 21:11 ` Re: pgbouncer packaging issue Christoph Berg <[email protected]>
@ 2018-01-10 14:56 ` Peter Eisentraut <[email protected]>
2018-01-28 13:06 ` Re: pgbouncer packaging issue Devrim Gündüz <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Peter Eisentraut @ 2018-01-10 14:56 UTC (permalink / raw)
To: Christoph Berg <[email protected]>; [email protected]; Brandon Snider <[email protected]>; pgsql-pkg-yum
On 1/9/18 16:11, Christoph Berg wrote:
> Am 9. Januar 2018 19:59:04 MEZ schrieb Peter Eisentraut <[email protected]>:
>> On 1/9/18 13:47, Brandon Snider wrote:
>>> You're installing /usr/lib/tmpfiles.d/pgbouncer.conf to create the
>>> /var/run/pgbouncer dir, but the permissions on that dir are too
>>> restrictive -- 700 -- for any file to be read by any user except
>>> pgbouncer and root. In my situation, for whatever reason my PHP
>>> implementation can't read unix sockets in /tmp,
>>
>> That might need further explanation.
>
> That's likely systemd at work. By default, each process gets its own /tmp bind-mounted.
Right. After further off-list discussion, the actual bug here is that
pgbouncer should puts its socket into /var/run/postgresql, which is the
standard location on that platform. But that doesn't work because
pgbouncer runs under a separate user and doesn't have permission there.
This has been previously reported on this list.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: pgbouncer packaging issue
2018-01-09 18:47 pgbouncer packaging issue Brandon Snider <[email protected]>
2018-01-09 18:59 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
2018-01-09 21:11 ` Re: pgbouncer packaging issue Christoph Berg <[email protected]>
2018-01-10 14:56 ` Re: pgbouncer packaging issue Peter Eisentraut <[email protected]>
@ 2018-01-28 13:06 ` Devrim Gündüz <[email protected]>
0 siblings, 0 replies; 5+ messages in thread
From: Devrim Gündüz @ 2018-01-28 13:06 UTC (permalink / raw)
To: Peter Eisentraut <[email protected]>; Christoph Berg <[email protected]>; [email protected]; Brandon Snider <[email protected]>; pgsql-pkg-yum
Hi,
On Wed, 2018-01-10 at 09:56 -0500, Peter Eisentraut wrote:
> Right. After further off-list discussion, the actual bug here is that
> pgbouncer should puts its socket into /var/run/postgresql, which is the
> standard location on that platform. But that doesn't work because
> pgbouncer runs under a separate user and doesn't have permission there.
> This has been previously reported on this list.
This bites me a lot, too. I'll read you previous email(s) about this, and see
what I can do.
Regards,
--
Devrim Gündüz
EnterpriseDB: https://www.enterprisedb.com
PostgreSQL Consultant, Red Hat Certified Engineer
Twitter: @DevrimGunduz , @DevrimGunduzTR
Attachments:
[application/pgp-signature] signature.asc (833B, 2-signature.asc)
download
^ permalink raw reply [nested|flat] 5+ messages in thread
end of thread, other threads:[~2018-01-28 13:06 UTC | newest]
Thread overview: 5+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2018-01-09 18:47 pgbouncer packaging issue Brandon Snider <[email protected]>
2018-01-09 18:59 ` Peter Eisentraut <[email protected]>
2018-01-09 21:11 ` Christoph Berg <[email protected]>
2018-01-10 14:56 ` Peter Eisentraut <[email protected]>
2018-01-28 13:06 ` Devrim Gündüz <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox