*) LISTEN_ADDRESSES="" ;;
esac
-POSTMASTER_OPTS="-F -c listen_addresses=$LISTEN_ADDRESSES"
-
temp_root=$PWD/tmp_check
if [ "$1" = '--install' ]; then
PGSSLMODE=""; unset PGSSLMODE
PGREQUIRESSL=""; unset PGREQUIRESSL
PGCONNECT_TIMEOUT=""; unset PGCONNECT_TIMEOUT
-PGHOST=""; unset PGHOST
PGHOSTADDR=""; unset PGHOSTADDR
-# Select a non-conflicting port number, similarly to pg_regress.c
+# Select a port number and socket directory, similarly to pg_regress.c
PG_VERSION_NUM=`grep '#define PG_VERSION_NUM' $newsrc/src/include/pg_config.h | awk '{print $3}'`
PGPORT=`expr $PG_VERSION_NUM % 16384 + 49152`
export PGPORT
+PGHOST=${PG_REGRESS_SOCK_DIR-$PGDATA}
+export PGHOST
+
+POSTMASTER_OPTS="-F -c listen_addresses=$LISTEN_ADDRESSES -k \"$PGHOST\""
i=0
while psql -X postgres </dev/null 2>/dev/null
<warning>
<para>
- This test method starts a temporary server, which is configured to accept
- any connection originating on the local machine. Any local user can gain
- database superuser privileges when connecting to this server, and could
- in principle exploit all privileges of the operating-system user running
- the tests. Therefore, it is not recommended that you use <literal>gmake
- check</> on machines shared with untrusted users. Instead, run the tests
- after completing the installation, as described in the next section.
- </para>
-
- <para>
- On Unix-like machines, this danger can be avoided if the temporary
- server's socket file is made inaccessible to other users, for example
- by running the tests in a protected chroot. On Windows, the temporary
- server opens a locally-accessible TCP socket, so filesystem protections
- cannot help.
+ On systems lacking Unix-domain sockets, notably Windows, this test method
+ starts a temporary server configured to accept any connection originating
+ on the local machine. Any local user can gain database superuser
+ privileges when connecting to this server, and could in principle exploit
+ all privileges of the operating-system user running the tests. Therefore,
+ it is not recommended that you use <literal>gmake check</> on an affected
+ system shared with untrusted users. Instead, run the tests after
+ completing the installation, as described in the next section.
</para>
</warning>
</screen>
runs no more than ten tests concurrently.
</para>
+
+ <para>
+ To protect your operating system user account, the test driver places the
+ server's socket in a relative subdirectory inaccessible to other users.
+ Since most systems constrain the length of socket paths well
+ below <literal>_POSIX_PATH_MAX</>, testing may fail to start from a
+ directory with a long name. Work around this problem by pointing
+ the <envar>PG_REGRESS_SOCK_DIR</> environment variable to a substitute
+ socket directory having a shorter path. On a multi-user system, give that
+ directory mode <literal>0700</>.
+ </para>
</sect2>
<sect2>
static char *logfilename;
static FILE *logfile;
static char *difffilename;
+static char *sockdir;
static _resultmap *resultmap = NULL;
* the wrong postmaster, or otherwise behave in nondefault ways. (Note
* we also use psql's -X switch consistently, so that ~/.psqlrc files
* won't mess things up.) Also, set PGPORT to the temp port, and set
- * or unset PGHOST depending on whether we are using TCP or Unix
- * sockets.
+ * PGHOST depending on whether we are using TCP or Unix sockets.
*/
unsetenv("PGDATABASE");
unsetenv("PGUSER");
if (hostname != NULL)
doputenv("PGHOST", hostname);
else
- unsetenv("PGHOST");
+ {
+ sockdir = getenv("PG_REGRESS_SOCK_DIR");
+ if (!sockdir)
+ {
+ /*
+ * Since initdb creates the data directory with secure
+ * permissions, we place the socket there. This ensures no
+ * other OS user can open our socket to exploit our use of
+ * trust authentication. Compared to using the compiled-in
+ * DEFAULT_PGSOCKET_DIR, this also permits testing to work in
+ * builds that relocate it to a directory not writable to the
+ * build/test user.
+ */
+ sockdir = malloc(strlen(temp_install) + sizeof("/data"));
+ sprintf(sockdir, "%s/data", temp_install);
+ }
+ doputenv("PGHOST", sockdir);
+ }
unsetenv("PGHOSTADDR");
if (port != -1)
{
*/
header(_("starting postmaster"));
snprintf(buf, sizeof(buf),
- SYSTEMQUOTE "\"%s/postgres\" -D \"%s/data\" -F%s -c \"listen_addresses=%s\" > \"%s/log/postmaster.log\" 2>&1" SYSTEMQUOTE,
- bindir, temp_install,
- debug ? " -d 5" : "",
- hostname ? hostname : "",
+ SYSTEMQUOTE "\"%s/postgres\" -D \"%s/data\" -F%s "
+ "-c \"listen_addresses=%s\" -k \"%s\" "
+ "> \"%s/log/postmaster.log\" 2>&1" SYSTEMQUOTE,
+ bindir, temp_install, debug ? " -d 5" : "",
+ hostname ? hostname : "", sockdir ? sockdir : "",
outputdir);
postmaster_pid = spawn_process(buf);
if (postmaster_pid == INVALID_PID)
projects / postgresql / commitdiff