Tablespace check shows success when using an unprivileged user

Question

Tablespace check shows success when using an unprivileged user

Closed this issue 3 months ago · 1 comments

When using the OS user as Ubuntu, it shows tablespace check is a success as it cannot access the data directory owned by postgres user

Command

$ pgdsat -U postgres -h localhost -d mani -p 5432 -D /var/lib/postgresql/16/main -f text -o report_ubuntu.html
cat: /var/lib/postgresql/16/main/PG_VERSION: Permission denied
ls: cannot access '/var/lib/postgresql/16/main/pg_wal': Permission denied
ls: cannot open directory '/var/lib/postgresql/16/main': Permission denied
ls: cannot open directory '/var/lib/postgresql/16/main/': Permission denied

Result

$ cat report_ubuntu.html | egrep -i "Ensure tablespace location is not inside the PGDATA"
1.6 - Ensure tablespace location is not inside the PGDATA => SUCCESS
    # 1.6 - Ensure tablespace location is not inside the PGDATA

Answer 1 · 2024-04-19T02:26:17.000Z

Commit ef21a23 fixes this issue by checking privilege on the PGDATA at init.