diff --git a/src/backend/main/main.c b/src/backend/main/main.c
index e8effe50242..2065061b5bb 100644
--- a/src/backend/main/main.c
+++ b/src/backend/main/main.c
@@ -190,10 +190,6 @@ main(int argc, char *argv[])
 do_check_root = false;
 }
- /*
- * Make sure we are not running as root, unless it's safe for the selected
- * option.
- */
 if (do_check_root)
 check_root(progname);
@@ -445,41 +441,6 @@ help(const char *progname)
 static void
 check_root(const char *progname)
 {
-#ifndef WIN32
- if (geteuid() == 0)
- {
- write_stderr("\"root\" execution of the PostgreSQL server is not permitted.\n"
- "The server must be started under an unprivileged user ID to prevent\n"
- "possible system security compromise. See the documentation for\n"
- "more information on how to properly start the server.\n");
- exit(1);
- }
-
- /*
- * Also make sure that real and effective uids are the same. Executing as
- * a setuid program from a root shell is a security hole, since on many
- * platforms a nefarious subroutine could setuid back to root if real uid
- * is root. (Since nobody actually uses postgres as a setuid program,
- * trying to actively fix this situation seems more trouble than it's
- * worth; we'll just expend the effort to check for it.)
- */
- if (getuid() != geteuid())
- {
- write_stderr("%s: real and effective user IDs must match\n",
- progname);
- exit(1);
- }
-#else /* WIN32 */
- if (pgwin32_is_admin())
- {
- write_stderr("Execution of PostgreSQL by a user with administrative permissions is not\n"
- "permitted.\n"
- "The server must be started under an unprivileged user ID to prevent\n"
- "possible system security compromises. See the documentation for\n"
- "more information on how to properly start the server.\n");
- exit(1);
- }
-#endif /* WIN32 */
 }
 /*
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 21a0fe3ecd9..2aa44cc9ab8 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
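Review bot: In the second main.c hunk `check_root()` is left with an empty body, while the first hunk keeps `if (do_check_root) check_root(progname);`, so the call site still reads like a privilege guard but enforces nothing. The deleted body also held a separate test, `if (getuid() != geteuid())`, whose comment says it guards against setuid launches rather than against uid 0 as such, and dropping it along with the root test may be unintended. Either keep that comparison (and the `pgwin32_is_admin()` branch if the Windows policy is unchanged), or remove the function, the `do_check_root` flag and the call together. In the second case, leave a comment at the former call site such as `/* running as root is permitted; privilege separation is the operator's responsibility */`.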
@@ -815,15 +815,6 @@ get_id(void)
 {
 const char *username;
-#ifndef WIN32
- if (geteuid() == 0) /* 0 is root's uid */
- {
- pg_log_error("cannot be run as root");
- pg_log_error_hint("Please log in (using, e.g., \"su\") as the (unprivileged) user that will own the server process.");
- exit(1);
- }
-#endif
-
 username = get_user_name_or_exit(progname);
 return pg_strdup(username);
diff --git a/src/bin/pg_basebackup/pg_createsubscriber.c b/src/bin/pg_basebackup/pg_createsubscriber.c
index a5a2d61165d..a4021734895 100644
--- a/src/bin/pg_basebackup/pg_createsubscriber.c
+++ b/src/bin/pg_basebackup/pg_createsubscriber.c
@@ -1977,20 +1977,6 @@ main(int argc, char **argv)
 };
 opt.recovery_timeout = 0;
- /*
- * Don't allow it to be run as root. It uses pg_ctl which does not allow
- * it either.
- */
-#ifndef WIN32
- if (geteuid() == 0)
- {
- pg_log_error("cannot be executed by \"root\"");
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
- progname);
- exit(1);
- }
-#endif
-
 get_restricted_token();
 while ((c = getopt_long(argc, argv, "d:D:np:P:s:t:TU:v",
diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
index 8a405ff122c..84195a3b8c6 100644
--- a/src/bin/pg_ctl/pg_ctl.c
+++ b/src/bin/pg_ctl/pg_ctl.c
@@ -2235,7 +2235,6 @@ main(int argc, char **argv)
 /* Set restrictive mode mask until PGDATA permissions are checked */
 umask(PG_MODE_MASK_OWNER);
- /* support --help and --version even if invoked as root */
 if (argc > 1)
 {
 if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
@@ -2250,21 +2249,6 @@ main(int argc, char **argv)
 }
 }
- /*
- * Disallow running as root, to forestall any possible security holes.
- */
-#ifndef WIN32
- if (geteuid() == 0)
- {
- write_stderr(_("%s: cannot be run as root\n"
- "Please log in (using, e.g., \"su\") as the "
- "(unprivileged) user that will\n"
- "own the server process.\n"),
- progname);
- exit(1);
- }
-#endif
-
 env_wait = getenv("PGCTLTIMEOUT");
 if (env_wait != NULL)
 wait_seconds = atoi(env_wait);
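Review bot: In the initdb.c hunk, `get_id()` now returns whatever `get_user_name_or_exit(progname)` yields, root included, and nothing in the function records that the old guarantee is gone. Its header comment lies outside the hunk; if it still describes a root check it is now stale and should be updated with this change. Presumably the returned name feeds the default cluster owner, so a comment such as `/* may be "root": the uid-0 refusal was removed; files created by initdb belong to the invoking user */` above the `get_user_name_or_exit()` call would make the new contract explicit. The pg_createsubscriber.c and pg_ctl.c hunks on this page drop the same refusal without a replacement comment.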
diff --git a/src/bin/pg_resetwal/pg_resetwal.c b/src/bin/pg_resetwal/pg_resetwal.c
index 31bc0abff16..951de872d77 100644
--- a/src/bin/pg_resetwal/pg_resetwal.c
+++ b/src/bin/pg_resetwal/pg_resetwal.c
@@ -347,22 +347,6 @@ main(int argc, char *argv[])
 exit(1);
 }
- /*
- * Don't allow pg_resetwal to be run as root, to avoid overwriting the
- * ownership of files in the data directory. We need only check for root
- * -- any other user won't have sufficient permissions to modify files in
- * the data directory.
- */
-#ifndef WIN32
- if (geteuid() == 0)
- {
- pg_log_error("cannot be executed by \"root\"");
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
- progname);
- exit(1);
- }
-#endif
-
 get_restricted_token();
 /* Set mask based on PGDATA permissions */
diff --git a/src/bin/pg_rewind/pg_rewind.c b/src/bin/pg_rewind/pg_rewind.c
index 2ce99d06d1d..33e0a61c360 100644
--- a/src/bin/pg_rewind/pg_rewind.c
+++ b/src/bin/pg_rewind/pg_rewind.c
@@ -270,22 +270,6 @@ main(int argc, char **argv)
 exit(1);
 }
- /*
- * Don't allow pg_rewind to be run as root, to avoid overwriting the
- * ownership of files in the data directory. We need only check for root
- * -- any other user won't have sufficient permissions to modify files in
- * the data directory.
- */
-#ifndef WIN32
- if (geteuid() == 0)
- {
- pg_log_error("cannot be executed by \"root\"");
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
- progname);
- exit(1);
- }
-#endif
-
 get_restricted_token();
 /* Set mask based on PGDATA permissions */
diff --git a/src/bin/pg_upgrade/option.c b/src/bin/pg_upgrade/option.c
index 188dd8d8a8b..cdd032be0fc 100644
--- a/src/bin/pg_upgrade/option.c
+++ b/src/bin/pg_upgrade/option.c
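Review bot: The comment deleted in the pg_resetwal.c hunk gave a concrete reason for the check, avoiding root-owned files in the data directory, and nothing in the new code addresses that. With the `geteuid() == 0` exit gone, control falls straight through to `get_restricted_token();`, so files the tool rewrites may end up owned by root and unusable by the server's normal account (inferred; the write paths are outside the hunk). If running as root is now intended, compare the effective uid with the data directory's owner before writing, or at least record the consequence with a comment such as `/* if run as root, rewritten files become root-owned; restore ownership before starting the server */`. The pg_rewind.c hunk has the same gap, and `main()` continues outside both hunks.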
@@ -104,10 +104,6 @@ parseCommandLine(int argc, char *argv[])
 }
 }
- /* Allow help and version to be run as root, so do the test here. */
- if (os_user_effective_id == 0)
- pg_fatal("%s: cannot be run as root", os_info.progname);
-
 while ((option = getopt_long(argc, argv, "b:B:cd:D:j:kNo:O:p:P:rs:U:v",
 long_options, &optindex)) != -1)
 {