开发者社区> 问答> 正文

PostgreSQL 会自动加强 表空间目录的权限控制吗?

已解决

我在创建表空间时,表空间的目录权限自动变成700了,为什么呢?

展开
收起
德哥 2016-01-15 09:48:54 4928 0
2 条回答
写回答
取消 提交回答
  • 公益是一辈子的事, I am digoal, just do it. 阿里云数据库团队, 擅长PolarDB, PostgreSQL, DuckDB, ADB等, 长期致力于推动开源数据库技术、生态在中国的发展与开源产业人才培养. 曾荣获阿里巴巴麒麟布道师称号、2018届OSCAR开源尖峰人物.
    采纳回答

    你好,PostgreSQL是会自动将表空间的目录权限修改为S_IRWXU的,即

           S_IRWXU  00700 user (file owner) has read, write and execute permission
    

    代码:
    src/backend/commands/tablespace.c

    /*
     * create_tablespace_directories
     *
     *      Attempt to create filesystem infrastructure linking $PGDATA/pg_tblspc/
     *      to the specified directory
     */
    static void
    create_tablespace_directories(const char *location, const Oid tablespaceoid)
    {
            char       *linkloc;
            char       *location_with_version_dir;
            struct stat st;
    
            linkloc = psprintf("pg_tblspc/%u", tablespaceoid);
            location_with_version_dir = psprintf("%s/%s", location,
                                                                                     TABLESPACE_VERSION_DIRECTORY);
    
            /*
             * Attempt to coerce target directory to safe permissions.  If this fails,
             * it doesn't exist or has the wrong owner.
             */
            if (chmod(location, S_IRWXU) != 0)
            {
                    if (errno == ENOENT)
                            ereport(ERROR,
                                            (errcode(ERRCODE_UNDEFINED_FILE),
                                             errmsg("directory \"%s\" does not exist", location),
                                             InRecovery ? errhint("Create this directory for the tablespace before "
                                                                                      "restarting the server.") : 0));
                    else
                            ereport(ERROR,
                                            (errcode_for_file_access(),
                                      errmsg("could not set permissions on directory \"%s\": %m",
                                                     location)));
            }
    
            if (InRecovery)
            {
                    /*
                     * Our theory for replaying a CREATE is to forcibly drop the target
                     * subdirectory if present, and then recreate it. This may be more
                     * work than needed, but it is simple to implement.
                     */
                    if (stat(location_with_version_dir, &st) == 0 && S_ISDIR(st.st_mode))
                    {
                            if (!rmtree(location_with_version_dir, true))
                                    /* If this failed, mkdir() below is going to error. */
                                    ereport(WARNING,
                                                    (errmsg("some useless files may be left behind in old database directory \"%s\"",
                                                                    location_with_version_dir)));
                    }
            }
    
            /*
             * The creation of the version directory prevents more than one tablespace
             * in a single location.
             */
            if (mkdir(location_with_version_dir, S_IRWXU) < 0)
            {
                    if (errno == EEXIST)
                            ereport(ERROR,
                                            (errcode(ERRCODE_OBJECT_IN_USE),
                                             errmsg("directory \"%s\" already in use as a tablespace",
                                                            location_with_version_dir)));
                    else
                            ereport(ERROR,
                                            (errcode_for_file_access(),
                                             errmsg("could not create directory \"%s\": %m",
                                                            location_with_version_dir)));
            }
    
            /*
             * In recovery, remove old symlink, in case it points to the wrong place.
             */
            if (InRecovery)
                    remove_tablespace_symlink(linkloc);
    
            /*
             * Create the symlink under PGDATA
             */
            if (symlink(location, linkloc) < 0)
                    ereport(ERROR,
                                    (errcode_for_file_access(),
                                     errmsg("could not create symbolic link \"%s\": %m",
                                                    linkloc)));
    
            pfree(linkloc);
            pfree(location_with_version_dir);
    }
    2019-07-17 18:24:38
    赞同 1 展开评论 打赏
  • 学习下 膜拜下

    2019-07-17 18:24:39
    赞同 展开评论 打赏
问答排行榜
最热
最新

相关电子书

更多
金融级 PostgreSQL监控及优化 立即下载
PostgreSQL在哈啰的实践-周飞 立即下载
PostgreSQL高并发数据库应用数据 立即下载

相关镜像