206 lines
6.1 KiB
Diff
206 lines
6.1 KiB
Diff
diff --git a/src/backend/main/main.c b/src/backend/main/main.c
|
|
index e8effe50242..2065061b5bb 100644
|
|
--- a/src/backend/main/main.c
|
|
+++ b/src/backend/main/main.c
|
|
@@ -190,10 +190,6 @@ main(int argc, char *argv[])
|
|
do_check_root = false;
|
|
}
|
|
|
|
- /*
|
|
- * Make sure we are not running as root, unless it's safe for the selected
|
|
- * option.
|
|
- */
|
|
if (do_check_root)
|
|
check_root(progname);
|
|
|
|
@@ -445,41 +441,6 @@ help(const char *progname)
|
|
static void
|
|
check_root(const char *progname)
|
|
{
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0)
|
|
- {
|
|
- write_stderr("\"root\" execution of the PostgreSQL server is not permitted.\n"
|
|
- "The server must be started under an unprivileged user ID to prevent\n"
|
|
- "possible system security compromise. See the documentation for\n"
|
|
- "more information on how to properly start the server.\n");
|
|
- exit(1);
|
|
- }
|
|
-
|
|
- /*
|
|
- * Also make sure that real and effective uids are the same. Executing as
|
|
- * a setuid program from a root shell is a security hole, since on many
|
|
- * platforms a nefarious subroutine could setuid back to root if real uid
|
|
- * is root. (Since nobody actually uses postgres as a setuid program,
|
|
- * trying to actively fix this situation seems more trouble than it's
|
|
- * worth; we'll just expend the effort to check for it.)
|
|
- */
|
|
- if (getuid() != geteuid())
|
|
- {
|
|
- write_stderr("%s: real and effective user IDs must match\n",
|
|
- progname);
|
|
- exit(1);
|
|
- }
|
|
-#else /* WIN32 */
|
|
- if (pgwin32_is_admin())
|
|
- {
|
|
- write_stderr("Execution of PostgreSQL by a user with administrative permissions is not\n"
|
|
- "permitted.\n"
|
|
- "The server must be started under an unprivileged user ID to prevent\n"
|
|
- "possible system security compromises. See the documentation for\n"
|
|
- "more information on how to properly start the server.\n");
|
|
- exit(1);
|
|
- }
|
|
-#endif /* WIN32 */
|
|
}
|
|
|
|
/*
|
|
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
|
|
index 21a0fe3ecd9..2aa44cc9ab8 100644
|
|
--- a/src/bin/initdb/initdb.c
|
|
+++ b/src/bin/initdb/initdb.c
|
|
@@ -815,15 +815,6 @@ get_id(void)
|
|
{
|
|
const char *username;
|
|
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0) /* 0 is root's uid */
|
|
- {
|
|
- pg_log_error("cannot be run as root");
|
|
- pg_log_error_hint("Please log in (using, e.g., \"su\") as the (unprivileged) user that will own the server process.");
|
|
- exit(1);
|
|
- }
|
|
-#endif
|
|
-
|
|
username = get_user_name_or_exit(progname);
|
|
|
|
return pg_strdup(username);
|
|
diff --git a/src/bin/pg_basebackup/pg_createsubscriber.c b/src/bin/pg_basebackup/pg_createsubscriber.c
|
|
index a5a2d61165d..a4021734895 100644
|
|
--- a/src/bin/pg_basebackup/pg_createsubscriber.c
|
|
+++ b/src/bin/pg_basebackup/pg_createsubscriber.c
|
|
@@ -1977,20 +1977,6 @@ main(int argc, char **argv)
|
|
};
|
|
opt.recovery_timeout = 0;
|
|
|
|
- /*
|
|
- * Don't allow it to be run as root. It uses pg_ctl which does not allow
|
|
- * it either.
|
|
- */
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0)
|
|
- {
|
|
- pg_log_error("cannot be executed by \"root\"");
|
|
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
|
|
- progname);
|
|
- exit(1);
|
|
- }
|
|
-#endif
|
|
-
|
|
get_restricted_token();
|
|
|
|
while ((c = getopt_long(argc, argv, "d:D:np:P:s:t:TU:v",
|
|
diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
|
|
index 8a405ff122c..84195a3b8c6 100644
|
|
--- a/src/bin/pg_ctl/pg_ctl.c
|
|
+++ b/src/bin/pg_ctl/pg_ctl.c
|
|
@@ -2235,7 +2235,6 @@ main(int argc, char **argv)
|
|
/* Set restrictive mode mask until PGDATA permissions are checked */
|
|
umask(PG_MODE_MASK_OWNER);
|
|
|
|
- /* support --help and --version even if invoked as root */
|
|
if (argc > 1)
|
|
{
|
|
if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
|
|
@@ -2250,21 +2249,6 @@ main(int argc, char **argv)
|
|
}
|
|
}
|
|
|
|
- /*
|
|
- * Disallow running as root, to forestall any possible security holes.
|
|
- */
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0)
|
|
- {
|
|
- write_stderr(_("%s: cannot be run as root\n"
|
|
- "Please log in (using, e.g., \"su\") as the "
|
|
- "(unprivileged) user that will\n"
|
|
- "own the server process.\n"),
|
|
- progname);
|
|
- exit(1);
|
|
- }
|
|
-#endif
|
|
-
|
|
env_wait = getenv("PGCTLTIMEOUT");
|
|
if (env_wait != NULL)
|
|
wait_seconds = atoi(env_wait);
|
|
diff --git a/src/bin/pg_resetwal/pg_resetwal.c b/src/bin/pg_resetwal/pg_resetwal.c
|
|
index 31bc0abff16..951de872d77 100644
|
|
--- a/src/bin/pg_resetwal/pg_resetwal.c
|
|
+++ b/src/bin/pg_resetwal/pg_resetwal.c
|
|
@@ -347,22 +347,6 @@ main(int argc, char *argv[])
|
|
exit(1);
|
|
}
|
|
|
|
- /*
|
|
- * Don't allow pg_resetwal to be run as root, to avoid overwriting the
|
|
- * ownership of files in the data directory. We need only check for root
|
|
- * -- any other user won't have sufficient permissions to modify files in
|
|
- * the data directory.
|
|
- */
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0)
|
|
- {
|
|
- pg_log_error("cannot be executed by \"root\"");
|
|
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
|
|
- progname);
|
|
- exit(1);
|
|
- }
|
|
-#endif
|
|
-
|
|
get_restricted_token();
|
|
|
|
/* Set mask based on PGDATA permissions */
|
|
diff --git a/src/bin/pg_rewind/pg_rewind.c b/src/bin/pg_rewind/pg_rewind.c
|
|
index 2ce99d06d1d..33e0a61c360 100644
|
|
--- a/src/bin/pg_rewind/pg_rewind.c
|
|
+++ b/src/bin/pg_rewind/pg_rewind.c
|
|
@@ -270,22 +270,6 @@ main(int argc, char **argv)
|
|
exit(1);
|
|
}
|
|
|
|
- /*
|
|
- * Don't allow pg_rewind to be run as root, to avoid overwriting the
|
|
- * ownership of files in the data directory. We need only check for root
|
|
- * -- any other user won't have sufficient permissions to modify files in
|
|
- * the data directory.
|
|
- */
|
|
-#ifndef WIN32
|
|
- if (geteuid() == 0)
|
|
- {
|
|
- pg_log_error("cannot be executed by \"root\"");
|
|
- pg_log_error_hint("You must run %s as the PostgreSQL superuser.",
|
|
- progname);
|
|
- exit(1);
|
|
- }
|
|
-#endif
|
|
-
|
|
get_restricted_token();
|
|
|
|
/* Set mask based on PGDATA permissions */
|
|
diff --git a/src/bin/pg_upgrade/option.c b/src/bin/pg_upgrade/option.c
|
|
index 188dd8d8a8b..cdd032be0fc 100644
|
|
--- a/src/bin/pg_upgrade/option.c
|
|
+++ b/src/bin/pg_upgrade/option.c
|
|
@@ -104,10 +104,6 @@ parseCommandLine(int argc, char *argv[])
|
|
}
|
|
}
|
|
|
|
- /* Allow help and version to be run as root, so do the test here. */
|
|
- if (os_user_effective_id == 0)
|
|
- pg_fatal("%s: cannot be run as root", os_info.progname);
|
|
-
|
|
while ((option = getopt_long(argc, argv, "b:B:cd:D:j:kNo:O:p:P:rs:U:v",
|
|
long_options, &optindex)) != -1)
|
|
{
|