kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/databases/postgresql96-server/files/postgresql.in
Palle Girgensohn 3f93622427 PostgreSQL security updates 
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.

URL:    https://www.postgresql.org/about/news/1746/
Security:       CVE-2017-7484, CVE-2017-7485, CVE-2017-7486

Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
2017-05-11 14:28:22 +00:00

114 lines
3.1 KiB
Bash
Raw Blame History

#!/bin/sh
# $FreeBSD$
#
# PROVIDE: postgresql
# REQUIRE: sshd
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable PostgreSQL:
#
# postgresql_enable="YES"
# # optional
# postgresql_data="/var/db/%%PG_USER%%/data96"
# postgresql_flags="-w -s -m fast"
# postgresql_initdb_flags="--encoding=utf-8 --lc-collate=C"
# postgresql_class="default"
# postgresql_profiles=""
#
# See %%PREFIX%%/share/doc/postgresql/README-server for more info
#
# This scripts takes one of the following commands:
#
# start stop restart reload status initdb
#
# For postmaster startup options, edit ${postgresql_data}/postgresql.conf
command=%%PREFIX%%/bin/pg_ctl
. /etc/rc.subr
load_rc_config postgresql
# set defaults
postgresql_enable=${postgresql_enable:-"NO"}
postgresql_flags=${postgresql_flags:-"-w -s -m fast"}
postgresql_user=${postgresql_user:-"%%PG_USER%%"}
eval postgresql_data=${postgresql_data:-"~${postgresql_user}/data96"}
postgresql_class=${postgresql_class:-"default"}
postgresql_initdb_flags=${postgresql_initdb_flags:-"--encoding=utf-8 --lc-collate=C"}
name=postgresql
rcvar=postgresql_enable
extra_commands="reload initdb"
start_cmd="postgresql_command start"
stop_cmd="postgresql_command stop"
restart_cmd="postgresql_command restart"
reload_cmd="postgresql_command reload"
status_cmd="postgresql_command status"
initdb_cmd="postgresql_initdb"
if [ -n "$2" ]; then
profile="$2"
if [ "x${postgresql_profiles}" != "x" ]; then
eval postgresql_data="\${postgresql_${profile}_data:-}"
if [ "x${postgresql_data}" = "x" ]; then
echo "You must define a data directory (postgresql_${profile}_data)"
exit 1
fi
eval postgresql_enable="\${postgresql_${profile}_enable:-${postgresql_enable}}"
eval postgresql_data="\${postgresql_${profile}_data:-${postgresql_data}}"
eval postgresql_flags="\${postgresql_${profile}_flags:-${postgresql_flags}}"
eval postgresql_initdb_flags="\${postgresql_${profile}_initdb_flags:-${postgresql_initdb_flags}}"
fi
else
if [ "x${postgresql_profiles}" != "x" -a "x$1" != "x" ]; then
for profile in ${postgresql_profiles}; do
eval _enable="\${postgresql_${profile}_enable}"
case "x${_enable:-${postgresql_enable}}" in
x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
continue
;;
x[Yy][Ee][Ss])
;;
*)
if test -z "$_enable"; then
_var=postgresql_enable
else
_var=postgresql_"${profile}"_enable
fi
echo "Bad value" \
"'${_enable:-${postgresql_enable}}'" \
"for ${_var}. " \
"Profile ${profile} skipped."
continue
;;
esac
echo "===> postgresql profile: ${profile}"
%%PREFIX%%/etc/rc.d/postgresql $1 ${profile}
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${profile} (${retcode}) ${failed:-}"
else
success="${profile} ${success:-}"
fi
done
exit 0
fi
fi
command_args="-D ${postgresql_data} ${postgresql_flags}"
postgresql_command()
{
su -l ${postgresql_user} -c "exec ${command} ${command_args} ${rc_arg}"
}
postgresql_initdb()
{
su -l -c ${postgresql_class} ${postgresql_user} -c "exec %%PREFIX%%/bin/initdb ${postgresql_initdb_flags} -D ${postgresql_data} -U ${postgresql_user}"
}
run_rc_command "$1"
Reference in a new issue View git blame Copy permalink