Peter J. Holzer wrote: > On 2019-02-27 12:33:02 +0100, Julien Rouhaud wrote: > > On Wed, Feb 27, 2019 at 12:22 PM Luca Ferrari <fluca1978@xxxxxxxxx> wrote: > > > > > > What's wrong with using a mountpoint? > > > > You can see most obvious reasons at > > https://bugzilla.redhat.com/show_bug.cgi?id=1247477 > > I see only one good reason there: The fact that pg_upgrade needs write > access to the parent directory. Of course that alone might suffice. > > The other reasons aren't good IMHO. > > The first one (initdb checks for an empty directory) is more "We > disallow it, therefore it is a bad idea" than a reason for disallowing > it. > > The second is just wrong: You can have a non-root owned mount-point on > any Unixoid system I've worked with. (And I don't see why that would be > a security problem) > > The third is wrong at least on Debian: All server processes have > /var/lib/postgresql/$version/$cluster as their working directory, so it > cannot be unmounted while the database is up. Even if you could, the > server would either immediately lose access to all files (in which case > you could recover) or it would keep access to all files (so, not a > problem). Plus being in a subdirectory wouldn't change that. Maybe it's > a potential problem with other layouts. > > hp > > -- > _ | Peter J. Holzer | we build much bigger, better disasters now > |_|_) | | because we have much more sophisticated > | | | hjp@xxxxxx | management tools. > __/ | http://www.hjp.at/ | -- Ross Anderson <https://www.edge.org/> I didn't know you weren't supposed to do that. I've been using ecryptfs mountpoints for my data directories for ages without problem. Ecryptfs doesn't create lost+found and the underlying directory is owned by the postgres user and so the mountpoint is as well (even though it is mounted by root). However, the parent directory is root-owned so I guess pg_upgrade wouldn't work. But I've never used pg_upgrade so I've never encountered that problem. Also, if it's not mounted, the underlying directory isn't empty but postgresql can tell something's not right and it won't start if told to do so prematurely. But the next time I upgrade, I might put the data directory in a sub-directory of the mountpoint in case I ever want to start using pg_upgrade. It would also mean I only need a single ecryptfs mountpoint. At the moment, I create a new one for each major upgrade which seems silly. cheers, raf
