From c6e1bc205a915d8eff53fec2ffd1f9a54d9861b9 Mon Sep 17 00:00:00 2001 From: Ian Barwick Date: Mon, 22 Feb 2016 14:58:17 +0900 Subject: [PATCH] Prevent repmgr/repmgrd running as root --- HISTORY | 1 + repmgr.c | 15 ++++++++++++++- repmgrd.c | 14 ++++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/HISTORY b/HISTORY index e9a27ec3..37961114 100644 --- a/HISTORY +++ b/HISTORY @@ -1,5 +1,6 @@ 3.1.1 2016-02- Add '-P/--pwprompt' option for "repmgr create witness" (Ian) + Prevent repmgr/repmgrd running as root (Ian) 3.1.0 2016-02-01 Add "repmgr standby switchover" command (Ian) diff --git a/repmgr.c b/repmgr.c index edfc0a9e..37f38eaa 100644 --- a/repmgr.c +++ b/repmgr.c @@ -198,6 +198,19 @@ main(int argc, char **argv) set_progname(argv[0]); + /* Disallow running as root to prevent directory ownership problems */ + if (geteuid() == 0) + { + fprintf(stderr, + _("%s: cannot be run as root\n" + "Please log in (using, e.g., \"su\") as the " + "(unprivileged) user that owns\n" + "the data directory.\n" + ), + progname()); + exit(1); + } + /* Initialise some defaults */ /* set default user */ @@ -212,7 +225,7 @@ main(int argc, char **argv) } else { - fprintf(stderr, "could not get current user name: %s\n", strerror(errno)); + fprintf(stderr, _("could not get current user name: %s\n"), strerror(errno)); exit(ERR_BAD_CONFIG); } } diff --git a/repmgrd.c b/repmgrd.c index 654c1898..bb4d3d06 100644 --- a/repmgrd.c +++ b/repmgrd.c @@ -142,6 +142,20 @@ main(int argc, char **argv) set_progname(argv[0]); + /* Disallow running as root to prevent directory ownership problems */ + if (geteuid() == 0) + { + fprintf(stderr, + _("%s: cannot be run as root\n" + "Please log in (using, e.g., \"su\") as the " + "(unprivileged) user that owns " + "the data directory.\n" + ), + progname()); + exit(1); + } + + while ((c = getopt_long(argc, argv, "?Vf:vmdp:", long_options, &optindex)) != -1) { switch (c)