[pgpool-general: 4688] Re: Pgpool sudo for virtual IP vs run as root
Lucas Luengas
lucasluengas at gmail.com
Wed May 18 04:21:19 JST 2016
Hello.
I am using sudo. This is my configuration:
- File pgpool.conf:
ifconfig_path = '/usr/bin'
if_up_cmd = 'sudo ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0'
if_down_cmd = 'sudo ifconfig eth0:0 down'
arping_path = '/usr/bin'
arping_cmd = 'sudo arping -U $_IP_$ -w 1'
- File /etc/sudoers (edit with visudo command). At the end of file write
this:
Defaults:postgres !requiretty
postgres ALL=NOPASSWD: /sbin/ifconfig,/usr/sbin/arping
I am using pgpool installed from pgpool yum repository.
Regards.
On Mon, May 16, 2016 at 1:50 PM, Piotr Gbyliczek <
piotr.gbyliczek at reconnix.com> wrote:
> On Monday 16 May 2016 11:36:55 Avi Weinberg wrote:
> > Hi all,
> >
> > I have permission issue with adding and removing the virtual IP. I added
> > user postgres to the sudoers list. I wanted to add sudo to the
> if_cmd_path
> > or to if_up_cmd but any place I put the sudo caused the service not to
> come
> > up. Where the sudo should be put? Are the only places that sudo is
> needed
> > are for the virtual IP and the arping? Should I start the service as
> root
> > instead?
>
>
> I think documentation suggests setting suid on binaries if you not running
> pgpool as root (which is not recommended). If I remember correctly, just
> ifconfig and arping if I remember.
>
> Regards,
> Piotr
> _______________________________________________
> pgpool-general mailing list
> pgpool-general at pgpool.net
> http://www.pgpool.net/mailman/listinfo/pgpool-general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pgpool.net/pipermail/pgpool-general/attachments/20160517/213cb7d3/attachment.htm>
More information about the pgpool-general
mailing list