Bug 242237 - Please change postgresql init scripts so that postgres can have /sbin/nologin as a shell
Summary: Please change postgresql init scripts so that postgres can have /sbin/nologin...
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: postgresql (Show other bugs)
(Show other bugs)
Version: 7
Hardware: All Linux
low
low
Target Milestone: ---
Assignee: Tom Lane
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-06-02 15:23 UTC by Bruno Wolff III
Modified: 2015-02-13 20:50 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-02 17:10:02 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Bruno Wolff III 2007-06-02 15:23:35 UTC
Description of problem:
Changing postgres' shell to /sbin/nologin as an extra security backstop breaks
the postgresql init scrip because it uses the -l option to su/runuser.

Version-Release number of selected component (if applicable):
8.2.3-2.fc7

How reproducible:
100%

Steps to Reproduce:
1. chsh -s /sbin/nologin postgres
2. service postgresql restart
3.
  
Actual results:
The command fails.

Expected results:
The command succeeds.

Additional info:
There doesn't seem to be a good reason to do this. I looked at the scripts and
the passed pathnames appeared to be absolute. If the locales are set differently
in postgres' dotfiles than root's or the invocers then this will affect initdb.
But I am not sure that the current behavior is any more expected, then using
root's locale and in the normal case they'll be the same.

Comment 1 Tom Lane 2007-06-02 17:10:02 UTC
Well, in the first place I disagree with not allowing someone to su to postgres --- that's a useful thing to 
do for maintenance/diagnostic purposes.  In the second place, we can't just remove the -l option because 
that installs possibly-important environment settings for the postmaster.  Accordingly, this is not a bug in 
my judgment.

Comment 2 Bruno Wolff III 2007-06-03 18:34:54 UTC
You are correct. I could have sworn that having /sbin/nologin only blocked su -l,
no su without the -l. But after testing it to verify what you said, I withdraw
my request. Sorry about bugging you about this one.


Note You need to log in before you can comment on or make changes to this bug.