Refactor dir/file permissions

Consolidate directory and file create permissions for tools which work with the PG data directory by adding a new module (common/file_perm.c) that contains variables (pg_file_create_mode, pg_dir_create_mode) and constants to initialize them (0600 for files and 0700 for directories). Convert mkdir() calls in the backend to MakePGDirectory() if the original call used default permissions (always the case for regular PG directories). Add tests to make sure permissions in PGDATA are set correctly by the tools which modify the PG data directory. Authors: David Steele <david@pgmasters.net>, Adam Brightwell <adam.brightwell@crunchydata.com> Reviewed-By: Michael Paquier, with discussion amongst many others. Discussion: https://postgr.es/m/ad346fe6-b23e-59f1-ecb7-0e08390ad629%40pgmasters.net
2025-06-16 06:01:02 +03:00 · 2018-04-07 17:45:39 -04:00
parent 499be013de
commit da9b580d89
34 changed files with 330 additions and 75 deletions
--- a/src/test/perl/TestLib.pm
+++ b/src/test/perl/TestLib.pm
@ -13,8 +13,11 @@ use warnings;
 use Config;
 use Cwd;
 use Exporter 'import';
+use Fcntl qw(:mode);
 use File::Basename;
+use File::Find;
 use File::Spec;
+use File::stat qw(stat);
 use File::Temp ();
 use IPC::Run;
 use SimpleTee;
@ -27,6 +30,7 @@ our @EXPORT = qw(
  slurp_dir
  slurp_file
  append_to_file
+  check_mode_recursive
  check_pg_config
  system_or_bail
  system_log
@ -240,6 +244,75 @@ sub append_to_file
 	close $fh;
 }

+# Check that all file/dir modes in a directory match the expected values,
+# ignoring the mode of any specified files.
+sub check_mode_recursive
+{
+	my ($dir, $expected_dir_mode, $expected_file_mode, $ignore_list) = @_;
+
+	# Result defaults to true
+	my $result = 1;
+
+	find
+	(
+		{follow_fast => 1,
+		wanted =>
+			sub
+			{
+				my $file_stat = stat($File::Find::name);
+
+				# Is file in the ignore list?
+				foreach my $ignore ($ignore_list ? @{$ignore_list} : [])
+				{
+					if ("$dir/$ignore" eq $File::Find::name)
+					{
+						return;
+					}
+				}
+
+				defined($file_stat)
+					or die("unable to stat $File::Find::name");
+
+				my $file_mode = S_IMODE($file_stat->mode);
+
+				# Is this a file?
+				if (S_ISREG($file_stat->mode))
+				{
+					if ($file_mode != $expected_file_mode)
+					{
+						print(*STDERR,
+							sprintf("$File::Find::name mode must be %04o\n",
+							$expected_file_mode));
+
+						$result = 0;
+						return;
+					}
+				}
+				# Else a directory?
+				elsif (S_ISDIR($file_stat->mode))
+				{
+					if ($file_mode != $expected_dir_mode)
+					{
+						print(*STDERR,
+							sprintf("$File::Find::name mode must be %04o\n",
+							$expected_dir_mode));
+
+						$result = 0;
+						return;
+					}
+				}
+				# Else something we can't handle
+				else
+				{
+					die "unknown file type for $File::Find::name";
+				}
+			}},
+		$dir
+	);
+
+	return $result;
+}
+
 # Check presence of a given regexp within pg_config.h for the installation
 # where tests are running, returning a match status result depending on
 # that.