From 850efe2a5700c2ba30f9e9860dd83143cf15da34 Mon Sep 17 00:00:00 2001 From: "Aaron W. Swenson" Date: Sun, 11 Feb 2018 10:54:10 -0500 Subject: dev-db/postgresql: Cleanup Old and Insecure Files Bug: https://bugs.gentoo.org/627462 Bug: https://bugs.gentoo.org/636978 Bug: https://bugs.gentoo.org/630824 Bug: https://bugs.gentoo.org/603720 Bug: https://bugs.gentoo.org/603716 Package-Manager: Portage-2.3.19, Repoman-2.3.6 --- .../files/postgresql-9.2-9.4-tz-dir-overflow.patch | 16 --- dev-db/postgresql/files/postgresql.confd | 58 --------- dev-db/postgresql/files/postgresql.init | 137 -------------------- dev-db/postgresql/files/postgresql.init-9.3 | 142 --------------------- dev-db/postgresql/files/postgresql.service | 55 -------- dev-db/postgresql/files/postgresql.service-9.6 | 56 -------- 6 files changed, 464 deletions(-) delete mode 100644 dev-db/postgresql/files/postgresql-9.2-9.4-tz-dir-overflow.patch delete mode 100644 dev-db/postgresql/files/postgresql.confd delete mode 100644 dev-db/postgresql/files/postgresql.init delete mode 100644 dev-db/postgresql/files/postgresql.init-9.3 delete mode 100644 dev-db/postgresql/files/postgresql.service delete mode 100644 dev-db/postgresql/files/postgresql.service-9.6 (limited to 'dev-db/postgresql/files') diff --git a/dev-db/postgresql/files/postgresql-9.2-9.4-tz-dir-overflow.patch b/dev-db/postgresql/files/postgresql-9.2-9.4-tz-dir-overflow.patch deleted file mode 100644 index 59e43c5384e7..000000000000 --- a/dev-db/postgresql/files/postgresql-9.2-9.4-tz-dir-overflow.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/src/timezone/pgtz.c 2015-02-02 15:45:23.000000000 -0500 -+++ b/src/timezone/pgtz.c 2015-04-07 14:21:22.341832190 -0400 -@@ -1615,6 +1615,13 @@ - if (direntry->d_name[0] == '.') - continue; - -+ /* copy current working directory so that there is no risk of modification by basename(), -+ * and compare to current direntry name; skip if they are the same as this is a recursive fs loop -+ */ -+ snprintf(fullname, MAXPGPATH, "%s", dir->dirname[dir->depth]); -+ if (strncmp(direntry->d_name,basename(fullname),strlen(direntry->d_name)) == 0) -+ continue; -+ - snprintf(fullname, MAXPGPATH, "%s/%s", - dir->dirname[dir->depth], direntry->d_name); - if (stat(fullname, &statbuf) != 0) diff --git a/dev-db/postgresql/files/postgresql.confd b/dev-db/postgresql/files/postgresql.confd deleted file mode 100644 index 07b465d9b61a..000000000000 --- a/dev-db/postgresql/files/postgresql.confd +++ /dev/null @@ -1,58 +0,0 @@ -# Which port and socket to bind PostgreSQL -PGPORT="5432" - -# How long to wait for server to start in seconds -START_TIMEOUT=10 - -# NICE_QUIT ignores new connections and wait for clients to disconnect from -# server before shutting down. NICE_TIMEOUT in seconds determines how long to -# wait for this to succeed. -NICE_TIMEOUT=60 - -# Forecfully disconnect clients from server and shut down. This is performed -# after NICE_QUIT. Terminated client connections have their open transactions -# rolled back. -# Set RUDE_QUIT to "NO" to disable. RUDE_TIMEOUT in seconds. -RUDE_QUIT="YES" -RUDE_TIMEOUT=30 - -# If the server still fails to shutdown, you can force it to quit by setting -# this to YES and a recover-run will execute on the next startup. -# Set FORCE_QUIT to "YES" to enable. FORCE_TIMEOUT in seconds. -FORCE_QUIT="NO" -FORCE_TIMEOUT=2 - -# Extra options to run postmaster with, e.g.: -# -N is the maximal number of client connections -# -B is the number of shared buffers and has to be at least 2x the value for -N -# Please read the man-page to postmaster for more options. Many of these -# options can be set directly in the configuration file. -#PGOPTS="-N 512 -B 1024" - -# Pass extra environment variables. If you have to export environment variables -# for the database process, this can be done here. -# Don't forget to escape quotes. -#PG_EXTRA_ENV="PGPASSFILE=\"/path/to/.pgpass\"" - -############################################################################## -# -# The following values should not be arbitrarily changed. -# -# `emerge --config dev-db/postgresql:@SLOT@' uses these values to -# determine where to create the data directory, where to place the -# configuration files, and any additional options to pass to initdb. -# -# The initscript also uses these variables to inform PostgreSQL where to find -# its data directory and configuration files. -# -############################################################################## - -# Location of configuration files -PGDATA="/etc/postgresql-@SLOT@/" - -# Where the data directory is located/to be created -DATA_DIR="/var/lib/postgresql/@SLOT@/data" - -# Additional options to pass to initdb. -# See `man initdb' for available options. -PG_INITDB_OPTS="--encoding=UTF8" diff --git a/dev-db/postgresql/files/postgresql.init b/dev-db/postgresql/files/postgresql.init deleted file mode 100644 index 35dd316e9604..000000000000 --- a/dev-db/postgresql/files/postgresql.init +++ /dev/null @@ -1,137 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_started_commands="reload" - -get_config() { - [ -f ${PGDATA%/}/postgresql.conf ] || return 1 - - eval echo $(sed -e 's:#.*::' ${PGDATA%/}/postgresql.conf \ - | awk '$1 == "'$1'" { print ($2 == "=" ? $3 : $2) }') -} - -depend() { - use net - provide postgresql - - if [ "$(get_config log_destination)" = "syslog" ]; then - use logger - fi -} - -configured_port=$(get_config port) -: ${configured_port:=${PGPORT}} -socket_path=$(get_config unix_socket_directory) -: ${socket_path:=/run/postgresql} - -checkconfig() { - # Check that DATA_DIR has been set - if [ -z ${DATA_DIR} ] ; then - eerror "DATA_DIR not set" - eerror "HINT: Perhaps you need to update /etc/conf.d/postgresql-@SLOT@" - return 1 - fi - - # Check that DATA_DIR exists - if [ ! -d ${DATA_DIR} ] ; then - eerror "Directory not found: ${DATA_DIR}" - eerror "HINT: Ensure that DATA_DIR points to the right path." - eerror "HINT: Or perhaps you need to create the database cluster:" - eerror " emerge --config dev-db/postgresql:@SLOT@" - return 1 - fi - - # Check for the existence of PostgreSQL's config files, and set the - # proper mode and ownership. - # Only three files should be checked as potentially other files - # may be in PGDATA that should not be touched. - local file - for file in postgresql pg_hba pg_ident ; do - file="${PGDATA%/}/${file}.conf" - if [ -f ${file} ] ; then - checkpath -f -m 0600 -o postgres:postgres ${file} - else - eerror "${file} not found" - eerror "HINT: mv ${DATA_DIR%/}/*.conf ${PGDATA}" - return 1 - fi - done - - # Set the proper permission for the socket path and create it if - # it doesn't exist. - checkpath -d -m 1775 -o postgres:postgres ${socket_path} - if [ -e ${socket_path%/}/.s.PGSQL.${configured_port} ] ; then - eerror "Socket conflict." - eerror "A server is already listening on:" - eerror " ${socket_path%/}/.s.PGSQL.${configured_port}" - eerror "HINT: Change PGPORT to listen on a different socket." - return 1 - fi -} - -start() { - checkconfig || return 1 - - ebegin "Starting PostgreSQL" - - rm -f ${DATA_DIR%/}/postmaster.pid - - local extraenv - local x - for x in ${PG_EXTRA_ENV} ; do - extraenv="${extraenv} --env ${x}" - done - - start-stop-daemon --start \ - --user postgres \ - --env "PGPORT=${configured_port}" \ - ${extraenv} \ - --pidfile ${DATA_DIR%/}/postmaster.pid \ - --exec /usr/@LIBDIR@/postgresql-@SLOT@/bin/pg_ctl \ - -- start -s -w -t ${START_TIMEOUT} -l ${DATA_DIR%/}/postmaster.log \ - -D ${PGDATA} -o "--data-directory=${DATA_DIR} ${PGOPTS}" - local retval=$? - - if [ $retval -ne 0 ] ; then - eerror "Check the log for a possible explanation of the above error. The log may be" - eerror " ${DATA_DIR%/}/postmaster.log" - eerror "Or wherever you configured PostgreSQL @SLOT@ log messages to be sent." - eend $retval - return $retval - fi - - eend $retval -} - -stop() { - local seconds=$(( ${NICE_TIMEOUT} + ${RUDE_TIMEOUT} + ${FORCE_TIMEOUT} )) - ebegin "Stopping PostgreSQL (this can take up to ${seconds} seconds)" - - local retval - local retries=SIGTERM/${NICE_TIMEOUT} - - if [ "${RUDE_QUIT}" != "NO" ] ; then - einfo "RUDE_QUIT enabled." - retries="${retries}/SIGINT/${RUDE_TIMEOUT}" - fi - if [ "${FORCE_QUIT}" = "YES" ] ; then - einfo "FORCE_QUIT enabled." - ewarn "A recover-run might be executed on next startup." - retries="${retries}/SIGQUIT/${FORCE_TIMEOUT}" - fi - - # Loops through nice, rude, and force quit in one go. - start-stop-daemon --stop \ - --exec /usr/@LIBDIR@/postgresql-@SLOT@/bin/postgres \ - --retry ${retries} \ - --pidfile ${DATA_DIR%/}/postmaster.pid - - eend -} - -reload() { - ebegin "Reloading PostgreSQL configuration" - kill -HUP $(head -n1 ${DATA_DIR%/}/postmaster.pid) - eend $? -} diff --git a/dev-db/postgresql/files/postgresql.init-9.3 b/dev-db/postgresql/files/postgresql.init-9.3 deleted file mode 100644 index ffecea7a757c..000000000000 --- a/dev-db/postgresql/files/postgresql.init-9.3 +++ /dev/null @@ -1,142 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_started_commands="reload" - -get_config() { - [ -f ${PGDATA%/}/postgresql.conf ] || return 1 - - eval echo $(sed -e 's:#.*::' ${PGDATA%/}/postgresql.conf \ - | awk '$1 == "'$1'" { print ($2 == "=" ? $3 : $2) }') -} - -depend() { - use net - provide postgresql - - if [ "$(get_config log_destination)" = "syslog" ]; then - use logger - fi -} - -configured_port=$(get_config port) -: ${configured_port:=${PGPORT}} -socket_paths=$(get_config unix_socket_directories) -: ${socket_paths:=/run/postgresql} - -checkconfig() { - # Check that DATA_DIR has been set - if [ -z ${DATA_DIR} ] ; then - eerror "DATA_DIR not set" - eerror "HINT: Perhaps you need to update /etc/conf.d/postgresql-@SLOT@" - return 1 - fi - - # Check that DATA_DIR exists - if [ ! -d ${DATA_DIR} ] ; then - eerror "Directory not found: ${DATA_DIR}" - eerror "HINT: Ensure that DATA_DIR points to the right path." - eerror "HINT: Or perhaps you need to create the database cluster:" - eerror " emerge --config dev-db/postgresql:@SLOT@" - return 1 - fi - - # Check for the existence of PostgreSQL's config files, and set the - # proper mode and ownership. - # Only three files should be checked as potentially other files - # may be in PGDATA that should not be touched. - local file - for file in postgresql pg_hba pg_ident ; do - file="${PGDATA%/}/${file}.conf" - if [ -f ${file} ] ; then - checkpath -f -m 0600 -o postgres:postgres ${file} - else - eerror "${file} not found" - eerror "HINT: mv ${DATA_DIR%/}/*.conf ${PGDATA}" - return 1 - fi - done - - # Set the proper permission for the socket paths and create it if - # it doesn't exist. - set -f; IFS=',' - local s - for s in ${socket_paths}; do - checkpath -d -m 1775 -o postgres:postgres ${s} - if [ -e ${s%/}/.s.PGSQL.${configured_port} ] ; then - eerror "Socket conflict." - eerror "A server is already listening on:" - eerror " ${s%/}/.s.PGSQL.${configured_port}" - eerror "HINT: Change PGPORT to listen on a different socket." - return 1 - fi - done - set +f; unset IFS -} - -start() { - checkconfig || return 1 - - ebegin "Starting PostgreSQL" - - rm -f ${DATA_DIR%/}/postmaster.pid - - local extraenv - local x - for x in ${PG_EXTRA_ENV} ; do - extraenv="${extraenv} --env ${x}" - done - - start-stop-daemon --start \ - --user postgres \ - --env "PGPORT=${configured_port}" \ - ${extraenv} \ - --pidfile ${DATA_DIR%/}/postmaster.pid \ - --exec /usr/@LIBDIR@/postgresql-@SLOT@/bin/pg_ctl \ - -- start -s -w -t ${START_TIMEOUT} -l ${DATA_DIR%/}/postmaster.log \ - -D ${PGDATA} -o "--data-directory=${DATA_DIR} ${PGOPTS}" - local retval=$? - - if [ $retval -ne 0 ] ; then - eerror "Check the log for a possible explanation of the above error. The log may be" - eerror " ${DATA_DIR%/}/postmaster.log" - eerror "Or wherever you configured PostgreSQL @SLOT@ log messages to be sent." - eend $retval - return $retval - fi - - eend $retval -} - -stop() { - local seconds=$(( ${NICE_TIMEOUT} + ${RUDE_TIMEOUT} + ${FORCE_TIMEOUT} )) - ebegin "Stopping PostgreSQL (this can take up to ${seconds} seconds)" - - local retval - local retries=SIGTERM/${NICE_TIMEOUT} - - if [ "${RUDE_QUIT}" != "NO" ] ; then - einfo "RUDE_QUIT enabled." - retries="${retries}/SIGINT/${RUDE_TIMEOUT}" - fi - if [ "${FORCE_QUIT}" = "YES" ] ; then - einfo "FORCE_QUIT enabled." - ewarn "A recover-run might be executed on next startup." - retries="${retries}/SIGQUIT/${FORCE_TIMEOUT}" - fi - - # Loops through nice, rude, and force quit in one go. - start-stop-daemon --stop \ - --exec /usr/@LIBDIR@/postgresql-@SLOT@/bin/postgres \ - --retry ${retries} \ - --pidfile ${DATA_DIR%/}/postmaster.pid - - eend -} - -reload() { - ebegin "Reloading PostgreSQL configuration" - kill -HUP $(head -n1 ${DATA_DIR%/}/postmaster.pid) - eend $? -} diff --git a/dev-db/postgresql/files/postgresql.service b/dev-db/postgresql/files/postgresql.service deleted file mode 100644 index a607169d22f4..000000000000 --- a/dev-db/postgresql/files/postgresql.service +++ /dev/null @@ -1,55 +0,0 @@ -# It's not recommended to modify this file in-place, because it will be -# overwritten during package upgrades. If you want to customize, the -# best way is to create file -# "/etc/systemd/system/postgresql-@SLOT@.service.d/*.conf" -# containing your changes - -# For example, if you want to change the server's port number to 5433, -# create a file named -# "/etc/systemd/system/postgresql-@SLOT@.service.d/port.conf" -# containing: -# [Service] -# Environment=PGPORT=5433 -# This will override the setting appearing below. - -[Unit] -Description=PostgreSQL database server -After=network.target - -[Service] -Type=forking - -User=postgres -Group=postgres - -# Port number for server to listen on -Environment=PGPORT=5432 - -# Location of configuration files -Environment=PGDATA=/etc/postgresql-@SLOT@ - -# Where the data directory is located -Environment=DATA_DIR=/var/lib/postgresql/@SLOT@/data - -# Where to send early-startup messages from the server (before the logging -# options of postgresql.conf take effect) -# This is normally controlled by the global default set by systemd -# StandardOutput=syslog - -ExecStartPre=/usr/bin/postgresql-@SLOT@-check-db-dir -ExecStart=/usr/@LIBDIR@/postgresql-@SLOT@/bin/pg_ctl start -D ${DATA_DIR} -s -l ${DATA_DIR}/postmaster.log -o "-p ${PGPORT} -D ${PGDATA} --data-directory=${DATA_DIR}" -w -t 300 -ExecStop=/usr/@LIBDIR@/postgresql-@SLOT@/bin/pg_ctl stop -D ${DATA_DIR} -s -m fast -ExecReload=/usr/@LIBDIR@/postgresql-@SLOT@/bin/pg_ctl reload -D ${DATA_DIR} -s - -# Give a reasonable amount of time for the server to start up/shut down -TimeoutSec=300 - -# Disable OOM kill on the postmaster -OOMScoreAdjust=-1000 - -# Make sure the required runtimedir is present -RuntimeDirectory=postgresql -RuntimeDirectoryMode=1775 - -[Install] -WantedBy=multi-user.target diff --git a/dev-db/postgresql/files/postgresql.service-9.6 b/dev-db/postgresql/files/postgresql.service-9.6 deleted file mode 100644 index 89ec2d5cf7c0..000000000000 --- a/dev-db/postgresql/files/postgresql.service-9.6 +++ /dev/null @@ -1,56 +0,0 @@ -# It's not recommended to modify this file in-place, because it will be -# overwritten during package upgrades. If you want to customize, the -# best way is to create file -# "/etc/systemd/system/postgresql-@SLOT@.service.d/*.conf" -# containing your changes - -# For example, if you want to change the server's port number to 5433, -# create a file named -# "/etc/systemd/system/postgresql-@SLOT@.service.d/port.conf" -# containing: -# [Service] -# Environment=PGPORT=5433 -# This will override the setting appearing below. - -[Unit] -Description=PostgreSQL database server -After=network.target - -[Service] -Type=notify - -User=postgres -Group=postgres - -# Port number for server to listen on -Environment=PGPORT=5432 - -# Location of configuration files -Environment=PGDATA=/etc/postgresql-@SLOT@ - -# Where the data directory is located -Environment=DATA_DIR=/var/lib/postgresql/@SLOT@/data - -# Where to send early-startup messages from the server (before the logging -# options of postgresql.conf take effect) -# This is normally controlled by the global default set by systemd -# StandardOutput=syslog - -ExecStartPre=/usr/bin/postgresql-@SLOT@-check-db-dir -ExecStart=/usr/@LIBDIR@/postgresql-@SLOT@/bin/postgres -p ${PGPORT} -D ${DATA_DIR} -ExecReload=/bin/kill -HUP $MAINPID -KillMode=mixed -KillSignal=SIGINT - -# Give a reasonable amount of time for the server to start up/shut down -TimeoutSec=300 - -# Disable OOM kill on the postmaster -OOMScoreAdjust=-1000 - -# Make sure the required runtimedir is present -RuntimeDirectory=postgresql -RuntimeDirectoryMode=1775 - -[Install] -WantedBy=multi-user.target -- cgit v1.2.3-65-gdbad