From daea94a3e118c8b89d6818a084c495eaf998b797 Mon Sep 17 00:00:00 2001 From: Palle Girgensohn Date: Thu, 20 May 2010 15:43:39 +0000 Subject: Update all PostgreSQL ports to latest version. Remove postgresql-contrib in favour for postgresqlNN-contrib. This way we will get packages built, which is nice. Security: CVE-2010-1169 Security: CVE-2010-1170 The PostgreSQL Project today released minor versions updating all active branches of the PostgreSQL object-relational database system, including versions 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, and 7.4.29. This release fixes moderate-risk security issues with PL/perl and PL/tcl, as well as a data corruption issue with standby databases. Users of any of these three features should update their PostgreSQL installations immediately. The PL/perl security fix closes a security hole in PL/perl procedures which could allow privilege escalation on the host system, caused by a flaw in Safe.pm; see CVE-2010-1169 and CVE-2010-1447 for details. A second patch prevents PL/tcl's pltcl_modules table from being subverted in order to run arbitrary Tcl scripts; see CVE-2010-1170. These issues only affect users who have enabled either of these two stored procedure languages. Also corrected is use of the command ALTER TABLE SET TABLESPACE, which previously could cause data corruption on Warm Standby database slaves. This issue affects only version 8.4. There are also 21 other bug fixes in this release, some of which apply only to version 8.4, and a few of which are specifically for Windows. While these are generally fixes for minor issues, among the changes are: * Fix for a combinational crash condition * Prevent normal users from resetting some GUCs in their own role definitions * Correctly apply constraint exclusion in UPDATE and DELETE queries * Minor fixes for WAL archiving * Update timezone data for 12 zones See the release notes for a full list of changes with details. Releasenotes at http://www.postgresql.org/docs/current/static/release.html --- databases/postgresql81-server/files/502.pgsql | 39 ++++++++++++++++++--------- 1 file changed, 27 insertions(+), 12 deletions(-) (limited to 'databases/postgresql81-server/files') diff --git a/databases/postgresql81-server/files/502.pgsql b/databases/postgresql81-server/files/502.pgsql index acc1afe431cf..281189a59c46 100644 --- a/databases/postgresql81-server/files/502.pgsql +++ b/databases/postgresql81-server/files/502.pgsql @@ -15,12 +15,10 @@ # Define these variables in either /etc/periodic.conf or # /etc/periodic.conf.local to override the default values. # -# daily_pgsql_backup_enable="YES" # do backup +# daily_pgsql_backup_enable="YES" # do backup of all databases +# daily_pgsql_backup_enable="foo bar db1 db2" # only do backup of a limited selection of databases # daily_pgsql_vacuum_enable="YES" # do vacuum -daily_pgsql_vacuum_enable="YES" -daily_pgsql_backup_enable="NO" - daily_pgsql_vacuum_args="-z" daily_pgsql_pgdump_args="-b -F c" # backupdir is relative to ~pgsql home directory unless it begins with a slash: @@ -40,32 +38,32 @@ eval backupdir=${daily_pgsql_backupdir} rc=0 -case "$daily_pgsql_backup_enable" in - [Yy][Ee][Ss]) - +pgsql_backup() { # daily_pgsql_backupdir must be writeable by user pgsql # ~pgsql is just that under normal circumstances, # but this might not be where you want the backups... if [ ! -d ${backupdir} ] ; then echo Creating ${backupdir} - mkdir ${backupdir}; chmod 700 ${backupdir}; chown pgsql ${backupdir} + mkdir -m 700 ${backupdir}; chown pgsql ${backupdir} fi echo - echo "PostgreSQL maintenance" + echo "PostgreSQL backups" # Protect the data umask 077 - dbnames=`su -l pgsql -c "umask 077; psql -q -t -A -d template1 -c SELECT\ datname\ FROM\ pg_database\ WHERE\ datname!=\'template0\'"` rc=$? now=`date "+%Y-%m-%dT%H:%M:%S"` file=${daily_pgsql_backupdir}/pgglobals_${now} su -l pgsql -c "umask 077; pg_dumpall -g | gzip -9 > ${file}.gz" - for db in ${dbnames}; do + + db=$1 + while shift; do echo -n " $db" file=${backupdir}/pgdump_${db}_${now} su -l pgsql -c "umask 077; pg_dump ${daily_pgsql_pgdump_args} -f ${file} ${db}" [ $? -gt 0 ] && rc=3 + db=$1 done if [ $rc -gt 0 ]; then @@ -76,6 +74,23 @@ case "$daily_pgsql_backup_enable" in # cleaning up old data find ${backupdir} \( -name 'pgdump_*' -o -name 'pgglobals_*' \) \ -a -mtime +${daily_pgsql_savedays} -delete + echo +} + +case "$daily_pgsql_backup_enable" in + [Yy][Ee][Ss]) + dbnames=`su -l pgsql -c "umask 077; psql -q -t -A -d template1 -c SELECT\ datname\ FROM\ pg_database\ WHERE\ datname!=\'template0\'"` + pgsql_backup $dbnames + ;; + + [Nn][Oo]) + ;; + + "") + ;; + + *) + pgsql_backup $daily_pgsql_backup_enable ;; esac @@ -83,7 +98,7 @@ case "$daily_pgsql_vacuum_enable" in [Yy][Ee][Ss]) echo - echo "vacuuming..." + echo "PostgreSQL vacuum" su -l pgsql -c "vacuumdb -a -q ${daily_pgsql_vacuum_args}" if [ $? -gt 0 ] then -- cgit v1.2.3