authorTom Lane <tgl@sss.pgh.pa.us>2015-05-29 17:02:58 -0400
committerTom Lane <tgl@sss.pgh.pa.us>2015-05-29 17:02:58 -0400
commit1943c000b7a22d3ca334196cfe3f7b8159b210c2 (patch)
tree94f1c0ee02196cc1b03e8f8e721937491d8e9816 /src
parent57e1138bcc621ffeb8b1f1379ac4016a5c34d43e (diff)
initdb -S should now have an explicit check that $PGDATA is valid.
The fsync code from the backend essentially assumes that somebody's already validated PGDATA, at least to the extent of it being a readable directory. That's safe enough for initdb's normal code path too, but "initdb -S" doesn't have any other processing at all that touches the target directory. To have reasonable error-case behavior, add a pg_check_dir call. Per gripe from Peter E.
Diffstat (limited to 'src')
-rw-r--r--src/bin/initdb/initdb.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 6a73e9688bc..feeff9e864f 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -3564,10 +3564,19 @@ main(int argc, char *argv[])
exit(1);
}
- /* If we only need to fsync, just to it and exit */
+ /* If we only need to fsync, just do it and exit */
if (sync_only)
{
setup_pgdata();
+
+ /* must check that directory is readable */
+ if (pg_check_dir(pg_data) <= 0)
+ {
+ fprintf(stderr, _("%s: could not access directory \"%s\": %s\n"),
+ progname, pg_data, strerror(errno));
+ exit_nicely();
+ }
+
fsync_pgdata();
return 0;
}
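Review bot: The new failure branch leaves through `exit_nicely()`, while the check immediately above it in this hunk leaves through `exit(1)`, and per the commit message `-S` mode does no other processing on the target directory, so there is nothing of its own to clean up. `exit_nicely()` is defined outside the hunk; if it is the cleanup-on-failure path that can remove data directory contents, this branch is only safe while none of its cleanup conditions can hold at this point. That is worth confirming in a comment, or avoiding with a plain `exit(1);`. The `<= 0` test also rejects a return of 0, not just a negative one, so the comment could read `/* must check that directory exists and is readable; errno is set by pg_check_dir */`, presuming 0 means the directory is missing and errno is left set in that case. main() starts and ends outside the hunk.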