Thread

  1. ipcclean in 8.1 broken?

    Christopher Kings-Lynne <chriskl@familyhealth.com.au> — 2006-02-28T06:42:22Z

    I just tried using ipcclean in 8.1.3.  It doesn't work when I su to the 
    pgsql user.  This part of the script:
    
    if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    
    Always fails because even tho $USER is set to 'pgsql' when su'ed, 
    $LOGNAME is still root.
    
    This is on FreeBSD 4.9
    
    Chris
    
    
    
  2. Re: ipcclean in 8.1 broken?

    Christopher Kings-Lynne <chriskl@familyhealth.com.au> — 2006-03-01T08:39:32Z

    No-one has a comment on this?
    
    Christopher Kings-Lynne wrote:
    > I just tried using ipcclean in 8.1.3.  It doesn't work when I su to the 
    > pgsql user.  This part of the script:
    > 
    > if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    > 
    > Always fails because even tho $USER is set to 'pgsql' when su'ed, 
    > $LOGNAME is still root.
    > 
    > This is on FreeBSD 4.9
    > 
    > Chris
    > 
    > 
    > ---------------------------(end of broadcast)---------------------------
    > TIP 1: if posting/reading through Usenet, please send an appropriate
    >       subscribe-nomail command to majordomo@postgresql.org so that your
    >       message can get through to the mailing list cleanly
    
    
    
  3. Re: ipcclean in 8.1 broken?

    Peter Eisentraut <peter_e@gmx.net> — 2006-03-01T11:49:13Z

    Am Dienstag, 28. Februar 2006 07:42 schrieb Christopher Kings-Lynne:
    > I just tried using ipcclean in 8.1.3.  It doesn't work when I su to the
    > pgsql user.  This part of the script:
    >
    > if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    >
    > Always fails because even tho $USER is set to 'pgsql' when su'ed,
    > $LOGNAME is still root.
    >
    > This is on FreeBSD 4.9
    
    It seems to work on Linux; apparently there are different behaviors of su.  Do 
    you have a suggestion for resolving this?
    
    -- 
    Peter Eisentraut
    http://developer.postgresql.org/~petere/
    
    
  4. Re: ipcclean in 8.1 broken?

    Roman Neuhauser <neuhauser@sigpipe.cz> — 2006-03-01T12:04:11Z

    # peter_e@gmx.net / 2006-03-01 12:49:13 +0100:
    > Am Dienstag, 28. Februar 2006 07:42 schrieb Christopher Kings-Lynne:
    > > I just tried using ipcclean in 8.1.3.  It doesn't work when I su to the
    > > pgsql user.  This part of the script:
    > >
    > > if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    > >
    > > Always fails because even tho $USER is set to 'pgsql' when su'ed,
    > > $LOGNAME is still root.
    > >
    > > This is on FreeBSD 4.9
    > 
    > It seems to work on Linux; apparently there are different behaviors of su.  Do 
    > you have a suggestion for resolving this?
    
        use "su -l"? this is on FreeBSD 6:
    
         By default, the environment is unmodified with the exception of USER,
         HOME, and SHELL.
         ...
         -l      Simulate a full login.  The environment is discarded except for
                 HOME, SHELL, PATH, TERM, and USER.  HOME and SHELL are modified
                 as above.  USER is set to the target login.  PATH is set to
                 ``/bin:/usr/bin''.  TERM is imported from your current environ-
                 ment.
    
        smradoch@neuhauser ~ 1001:0 > echo $USER $LOGNAME
        smradoch smradoch
        smradoch@neuhauser ~ 1002:0 > su -l
        Password:
        neuhauser# echo $USER $LOGNAME
        root root
        neuhauser# logout
        smradoch@neuhauser ~ 1003:0 > su   
        Password:
        You have mail.
        neuhauser# echo $USER $LOGNAME
        smradoch smradoch
        neuhauser# exit
        smradoch@neuhauser ~ 1004:0 > uname -srm
        FreeBSD 6.1-PRERELEASE amd64
    
        su (coreutils) 4.5.3 on RHEL3 behaves exactly the same.
    
    -- 
    How many Vietnam vets does it take to screw in a light bulb?
    You don't know, man.  You don't KNOW.
    Cause you weren't THERE.             http://bash.org/?255991
    
    
  5. Re: ipcclean in 8.1 broken?

    Tom Lane <tgl@sss.pgh.pa.us> — 2006-03-01T15:46:05Z

    Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes:
    > No-one has a comment on this?
    
    ipcclean has never been much more than beta-quality software; it doesn't
    pretend to be very portable.
    
    Having said that, I think the anti-root check is bogus.  It was probably
    added in a fit of "let's make sure nobody tries to admin PG as root",
    but I don't see why that applies to ipcclean.  The only thing that
    really matters is whether the subsequent id/whoami lookup comes up with
    the proper user id.  I'd be inclined to do the id lookup and then bomb
    out if it came up with 0 (just to ensure that no one accidentally blows
    away really-important shared memory segments).
    
    			regards, tom lane
    
    
  6. Re: ipcclean in 8.1 broken?

    Christopher Kings-Lynne <chriskl@familyhealth.com.au> — 2006-03-02T01:27:17Z

    >> if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    >>
    >> Always fails because even tho $USER is set to 'pgsql' when su'ed,
    >> $LOGNAME is still root.
    >>
    >> This is on FreeBSD 4.9
    > 
    > It seems to work on Linux; apparently there are different behaviors of su.  Do 
    > you have a suggestion for resolving this?
    
    Well all I did to fix it on FreeBSD was to remove the '-o "$LOGNAME" = 
    'root'' bit...
    
    Chris
    
    
    
    
  7. Re: ipcclean in 8.1 broken?

    Bruce Momjian <pgman@candle.pha.pa.us> — 2006-03-03T16:54:58Z

    Christopher Kings-Lynne wrote:
    > >> if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    > >>
    > >> Always fails because even tho $USER is set to 'pgsql' when su'ed,
    > >> $LOGNAME is still root.
    > >>
    > >> This is on FreeBSD 4.9
    > > 
    > > It seems to work on Linux; apparently there are different behaviors of su.  Do 
    > > you have a suggestion for resolving this?
    > 
    > Well all I did to fix it on FreeBSD was to remove the '-o "$LOGNAME" = 
    > 'root'' bit...
    
    I applied the attached patch to CVS HEAD and 8.1.X.  It looks at LOGNAME
    only if USER is not set.
    
    -- 
      Bruce Momjian   http://candle.pha.pa.us
      SRA OSS, Inc.   http://www.sraoss.com
    
      + If your life is a hard drive, Christ can be your backup. +
    
  8. Re: ipcclean in 8.1 broken?

    Tom Lane <tgl@sss.pgh.pa.us> — 2006-03-03T17:21:31Z

    Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > I applied the attached patch to CVS HEAD and 8.1.X.  It looks at LOGNAME
    > only if USER is not set.
      
    > ! if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    
    > ! # only check $LOGNAME if $USER is not set
    > ! if [ "$USER" = 'root' -o \( ! "$USER" -a "$LOGNAME" = 'root' \) ]
    
    Bruce, this patch isn't going to fix anything.
    
    			regards, tom lane
    
    
  9. Re: ipcclean in 8.1 broken?

    Bruce Momjian <pgman@candle.pha.pa.us> — 2006-03-03T17:24:26Z

    Tom Lane wrote:
    > Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > > I applied the attached patch to CVS HEAD and 8.1.X.  It looks at LOGNAME
    > > only if USER is not set.
    >   
    > > ! if [ "$USER" = 'root' -o "$LOGNAME" = 'root' ]
    > 
    > > ! # only check $LOGNAME if $USER is not set
    > > ! if [ "$USER" = 'root' -o \( ! "$USER" -a "$LOGNAME" = 'root' \) ]
    > 
    > Bruce, this patch isn't going to fix anything.
    
    Chris said he did:
    
    > Well all I did to fix it on FreeBSD was to remove the '-o "$LOGNAME" =
    > 'root'' bit...
    
    so I figured the patch would help, no?
    
    -- 
      Bruce Momjian   http://candle.pha.pa.us
      SRA OSS, Inc.   http://www.sraoss.com
    
      + If your life is a hard drive, Christ can be your backup. +
    
    
  10. Re: ipcclean in 8.1 broken?

    Tom Lane <tgl@sss.pgh.pa.us> — 2006-03-03T17:49:29Z

    Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > Chris said he did:
    >> Well all I did to fix it on FreeBSD was to remove the '-o "$LOGNAME" =
    >> 'root'' bit...
    > so I figured the patch would help, no?
    
    No, because there's no good reason to suppose that $USER wouldn't be set.
    
    I think we should remove that entire code block, and instead check for a
    zero value of EffectiveUser after doing the id bit.
    
    (I'm not finding it right now, but I'm pretty sure that the SUS
    specifies that numeric userid == 0 for superuser, whereas "root" is not
    required to be the name, so this would be more correct anyway.)
    
    			regards, tom lane
    
    
  11. Re: ipcclean in 8.1 broken?

    Bruce Momjian <pgman@candle.pha.pa.us> — 2006-03-03T18:00:59Z

    Tom Lane wrote:
    > Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > > Chris said he did:
    > >> Well all I did to fix it on FreeBSD was to remove the '-o "$LOGNAME" =
    > >> 'root'' bit...
    > > so I figured the patch would help, no?
    > 
    > No, because there's no good reason to suppose that $USER wouldn't be set.
    
    But if USER is set, why check LOGNAME?
    
    > I think we should remove that entire code block, and instead check for a
    > zero value of EffectiveUser after doing the id bit.
    > 
    > (I'm not finding it right now, but I'm pretty sure that the SUS
    > specifies that numeric userid == 0 for superuser, whereas "root" is not
    > required to be the name, so this would be more correct anyway.)
    
    Can we assume 'id' is on all unix systems?
    
    -- 
      Bruce Momjian   http://candle.pha.pa.us
      SRA OSS, Inc.   http://www.sraoss.com
    
      + If your life is a hard drive, Christ can be your backup. +
    
    
  12. Re: ipcclean in 8.1 broken?

    Tom Lane <tgl@sss.pgh.pa.us> — 2006-03-03T18:27:56Z

    Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > Tom Lane wrote:
    >> (I'm not finding it right now, but I'm pretty sure that the SUS
    >> specifies that numeric userid == 0 for superuser, whereas "root" is not
    >> required to be the name, so this would be more correct anyway.)
    
    > Can we assume 'id' is on all unix systems?
    
    What's your point?  The script fails anyway if that bit doesn't work.
    
    			regards, tom lane
    
    
  13. Re: ipcclean in 8.1 broken?

    Bruce Momjian <pgman@candle.pha.pa.us> — 2006-03-03T18:39:55Z

    Tom Lane wrote:
    > Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > > Tom Lane wrote:
    > >> (I'm not finding it right now, but I'm pretty sure that the SUS
    > >> specifies that numeric userid == 0 for superuser, whereas "root" is not
    > >> required to be the name, so this would be more correct anyway.)
    > 
    > > Can we assume 'id' is on all unix systems?
    > 
    > What's your point?  The script fails anyway if that bit doesn't work.
    
    Is 'id' better than what we have now if 'id' isn't widely supported?
    
    -- 
      Bruce Momjian   http://candle.pha.pa.us
      SRA OSS, Inc.   http://www.sraoss.com
    
      + If your life is a hard drive, Christ can be your backup. +
    
    
  14. Re: ipcclean in 8.1 broken?

    Michael Fuhr <mike@fuhr.org> — 2006-03-03T18:45:21Z

    On Fri, Mar 03, 2006 at 01:00:59PM -0500, Bruce Momjian wrote:
    > Tom Lane wrote:
    > > (I'm not finding it right now, but I'm pretty sure that the SUS
    > > specifies that numeric userid == 0 for superuser, whereas "root" is not
    > > required to be the name, so this would be more correct anyway.)
    
    The Rationale (XRAT) Definitions section says for "Superuser":
    
      This concept, with great historical significance to UNIX system
      users, has been replaced with the notion of appropriate privileges.
    
    An excerpt from the definition of "Appropriate Privileges" is
    
      For many historical implementations of the UNIX system, the
      presence of the term "appropriate privileges" in POSIX.1 may be
      understood as a synonym for "superuser" (UID 0).  However, other
      systems have emerged where this is not the case and each discrete
      controllable action has appropriate privileges associated with
      it.  Because this mechanism is implementation-defined, it must
      be described in the conformance document.
    
    (I'd post links but people elsewhere haved bitched about doing that
    because the documents are supposed to require registration to read.
    If that's true then it seems silly that they're available to anybody
    who knows the URL.)
    
    > Can we assume 'id' is on all unix systems?
    
    It's defined in Shell and Utilities (XCU).  If the system doesn't
    have it then one must wonder what else the system is missing.
    
    -- 
    Michael Fuhr
    
    
  15. Re: ipcclean in 8.1 broken?

    Michael Paesold <mpaesold@gmx.at> — 2006-03-03T18:49:08Z

    Bruce Momjian wrote:
    > Tom Lane wrote:
    >> Bruce Momjian <pgman@candle.pha.pa.us> writes:
    >> > Tom Lane wrote:
    >> >> (I'm not finding it right now, but I'm pretty sure that the SUS
    >> >> specifies that numeric userid == 0 for superuser, whereas "root" is 
    >> >> not
    >> >> required to be the name, so this would be more correct anyway.)
    >>
    >> > Can we assume 'id' is on all unix systems?
    >>
    >> What's your point?  The script fails anyway if that bit doesn't work.
    >
    > Is 'id' better than what we have now if 'id' isn't widely supported?
    
    I don't think this is really a question of portability. The variables $USER 
    and $LOGNAME are not always set to the current (effective) user, e.g. on 
    linux. That's Chris' current problem, I think. Just compare the difference 
    of using "su" with and without the "-l" argument:
    
    $ su
    # echo $LOGNAME ; echo $USER
    mip
    mip
    # exit
    $ su -l
    # echo $LOGNAME ; echo $USER
    root
    root
    #
    
    Of course, if you just want to question the use of "id", that's a different 
    story.
    
    Best Regards,
    Michael Paesold 
    
    
    
    
  16. Re: ipcclean in 8.1 broken?

    Tom Lane <tgl@sss.pgh.pa.us> — 2006-03-03T18:49:23Z

    Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > Tom Lane wrote:
    >> What's your point?  The script fails anyway if that bit doesn't work.
    
    > Is 'id' better than what we have now if 'id' isn't widely supported?
    
    I'm repeating myself, but: what's your point?  'id' exists on Linux,
    and the script fails (in the worst possible way, ie, might remove
    inappropriate shmem segments) on all other platforms if it's unable
    to detect the correct EffectiveUser.  I would argue that checking for a
    numeric, nonzero EffectiveUser is going to make it safer not less so.
    
    			regards, tom lane
    
    
  17. Re: ipcclean in 8.1 broken?

    Bruce Momjian <pgman@candle.pha.pa.us> — 2006-03-03T19:30:45Z

    Tom Lane wrote:
    > Bruce Momjian <pgman@candle.pha.pa.us> writes:
    > > Tom Lane wrote:
    > >> What's your point?  The script fails anyway if that bit doesn't work.
    > 
    > > Is 'id' better than what we have now if 'id' isn't widely supported?
    > 
    > I'm repeating myself, but: what's your point?  'id' exists on Linux,
    > and the script fails (in the worst possible way, ie, might remove
    > inappropriate shmem segments) on all other platforms if it's unable
    > to detect the correct EffectiveUser.  I would argue that checking for a
    > numeric, nonzero EffectiveUser is going to make it safer not less so.
    
    If it can be done more reliably than what we do not.  We support much
    more than Linix, and I have not seen anyway say 'id' is available on all
    platforms.  We can try 'id' if it exists and fall back if it doesn't.
    
    -- 
      Bruce Momjian   http://candle.pha.pa.us
      SRA OSS, Inc.   http://www.sraoss.com
    
      + If your life is a hard drive, Christ can be your backup. +
    
    
  18. Re: ipcclean in 8.1 broken?

    Andrew Dunstan <andrew@dunslane.net> — 2006-03-03T19:47:42Z

    Bruce Momjian wrote:
    
    >Tom Lane wrote:
    >  
    >
    >>Bruce Momjian <pgman@candle.pha.pa.us> writes:
    >>    
    >>
    >>>Tom Lane wrote:
    >>>      
    >>>
    >>>>What's your point?  The script fails anyway if that bit doesn't work.
    >>>>        
    >>>>
    >>>Is 'id' better than what we have now if 'id' isn't widely supported?
    >>>      
    >>>
    >>I'm repeating myself, but: what's your point?  'id' exists on Linux,
    >>and the script fails (in the worst possible way, ie, might remove
    >>inappropriate shmem segments) on all other platforms if it's unable
    >>to detect the correct EffectiveUser.  I would argue that checking for a
    >>numeric, nonzero EffectiveUser is going to make it safer not less so.
    >>    
    >>
    >
    >If it can be done more reliably than what we do not.  We support much
    >more than Linix, and I have not seen anyway say 'id' is available on all
    >platforms.  We can try 'id' if it exists and fall back if it doesn't.
    >
    >  
    >
    perl -e 'exit  $> != 0 ;'
    
    succeeds iff your effective uid is not 0.
    
    or we could revive pg_id.
    
    (for the humor impaired, no, I am not serious.)
    
    cheers
    
    andrew