From b4c5417813d34ec1f4052464f5bf863f32f42e0a Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Mon, 17 Oct 2022 08:01:37 +0200 Subject: [PATCH] committing changes in /etc made by "/usr/bin/apt install postgresql-common" Packages with configuration changes: +postgresql-common 238 all Package changes: +postgresql-common 238 all --- .etckeeper | 11 ++++ apt/apt.conf.d/02autoremove-postgresql | 15 +++++ group | 3 +- group- | 2 + gshadow | 3 +- gshadow- | 2 + init.d/postgresql | 61 +++++++++++++++++++ logrotate.d/postgresql-common | 10 +++ passwd | 1 + passwd- | 3 +- postgresql-common/createcluster.conf | 41 +++++++++++++ postgresql-common/root.crt | 11 ++++ rc0.d/K01postgresql | 1 + rc1.d/K01postgresql | 1 + rc2.d/S01postgresql | 1 + rc3.d/S01postgresql | 1 + rc4.d/S01postgresql | 1 + rc5.d/S01postgresql | 1 + rc6.d/K01postgresql | 1 + shadow | 1 + shadow- | 1 + .../postgresql.service | 1 + 22 files changed, 170 insertions(+), 3 deletions(-) create mode 100644 apt/apt.conf.d/02autoremove-postgresql create mode 100755 init.d/postgresql create mode 100644 logrotate.d/postgresql-common create mode 100644 postgresql-common/createcluster.conf create mode 100644 postgresql-common/root.crt create mode 120000 rc0.d/K01postgresql create mode 120000 rc1.d/K01postgresql create mode 120000 rc2.d/S01postgresql create mode 120000 rc3.d/S01postgresql create mode 120000 rc4.d/S01postgresql create mode 120000 rc5.d/S01postgresql create mode 120000 rc6.d/K01postgresql create mode 120000 systemd/system/multi-user.target.wants/postgresql.service diff --git a/.etckeeper b/.etckeeper index 09f4ebf..e3c11e3 100755 --- a/.etckeeper +++ b/.etckeeper @@ -63,6 +63,8 @@ mkdir -p './polkit-1/localauthority/50-local.d' mkdir -p './polkit-1/localauthority/90-mandatory.d' mkdir -p './postfix/dynamicmaps.cf.d' mkdir -p './postfix/sasl' +mkdir -p './postgresql' +mkdir -p './postgresql-common/pg_upgradecluster.d' mkdir -p './powerline' mkdir -p './ppp/ip-pre-up.d' mkdir -p './ppp/ipv6-down.d' @@ -558,6 +560,7 @@ maybe chmod 0644 'apt/apt.conf.d/00mint' maybe chmod 0644 'apt/apt.conf.d/00trustcdrom' maybe chmod 0644 'apt/apt.conf.d/01-vendor-ubuntu' maybe chmod 0644 'apt/apt.conf.d/01autoremove' +maybe chmod 0444 'apt/apt.conf.d/02autoremove-postgresql' maybe chmod 0644 'apt/apt.conf.d/05etckeeper' maybe chmod 0644 'apt/apt.conf.d/10periodic' maybe chmod 0644 'apt/apt.conf.d/15update-stamp' @@ -2180,6 +2183,7 @@ maybe chmod 0755 'init.d/openvpn' maybe chmod 0755 'init.d/plymouth' maybe chmod 0755 'init.d/plymouth-log' maybe chmod 0755 'init.d/postfix' +maybe chmod 0755 'init.d/postgresql' maybe chmod 0755 'init.d/procps' maybe chmod 0755 'init.d/pulseaudio-enable-autospawn' maybe chmod 0755 'init.d/rpcbind' @@ -2516,6 +2520,7 @@ maybe chmod 0644 'logrotate.d/mariadb' maybe chmod 0644 'logrotate.d/mintupdate' maybe chmod 0644 'logrotate.d/named' maybe chmod 0644 'logrotate.d/pm-utils' +maybe chmod 0644 'logrotate.d/postgresql-common' maybe chmod 0644 'logrotate.d/ppp' maybe chmod 0644 'logrotate.d/rsyslog' maybe chmod 0644 'logrotate.d/samba' @@ -2812,7 +2817,13 @@ maybe chmod 0644 'postfix/smtp_auth' maybe chmod 0644 'postfix/smtp_auth.db' maybe chmod 0644 'postfix/virtual' maybe chmod 0644 'postfix/virtual.db' +maybe chown 'postgres' 'postgresql' +maybe chgrp 'postgres' 'postgresql' +maybe chmod 0755 'postgresql' maybe chmod 0755 'postgresql-common' +maybe chmod 0644 'postgresql-common/createcluster.conf' +maybe chmod 0755 'postgresql-common/pg_upgradecluster.d' +maybe chmod 0644 'postgresql-common/root.crt' maybe chmod 0644 'postgresql-common/supported_versions' maybe chmod 0644 'postgresql-common/user_clusters' maybe chmod 0755 'powerline' diff --git a/apt/apt.conf.d/02autoremove-postgresql b/apt/apt.conf.d/02autoremove-postgresql new file mode 100644 index 0000000..c0f3447 --- /dev/null +++ b/apt/apt.conf.d/02autoremove-postgresql @@ -0,0 +1,15 @@ +// DO NOT EDIT! +// File maintained by /usr/share/postgresql-common/pg_updateaptconfig. +// +// Mark all PostgreSQL packages as NeverAutoRemove for which PostgreSQL +// clusters exist. This is especially important when the "postgresql" meta +// package changes its dependencies to a new version, which might otherwise +// trigger the old postgresql-NN package to be automatically removed, rendering +// the old database cluster inaccessible. + +APT +{ + NeverAutoRemove + { + }; +}; diff --git a/group b/group index 8bca931..1b2f286 100644 --- a/group +++ b/group @@ -46,7 +46,7 @@ syslog:x:106: messagebus:x:107: netdev:x:108: mlocate:x:109:frank -ssl-cert:x:110: +ssl-cert:x:110:postgres uuidd:x:111: lpadmin:x:112:frank rtkit:x:113: @@ -99,3 +99,4 @@ _ssh:x:115: plocate:x:154: swtpm:x:155: fwupd-refresh:x:156: +postgres:x:157: diff --git a/group- b/group- index d0a8524..951ba06 100644 --- a/group- +++ b/group- @@ -98,3 +98,5 @@ whoopsie:x:153: _ssh:x:115: plocate:x:154: swtpm:x:155: +fwupd-refresh:x:156: +postgres:x:157: diff --git a/gshadow b/gshadow index 2081507..263089a 100644 --- a/gshadow +++ b/gshadow @@ -46,7 +46,7 @@ syslog:!:: messagebus:!:: netdev:!:: mlocate:!::frank -ssl-cert:!:: +ssl-cert:!::postgres uuidd:!:: lpadmin:!::frank rtkit:!:: @@ -99,3 +99,4 @@ _ssh:!:: plocate:!:: swtpm:!:: fwupd-refresh:!:: +postgres:!:: diff --git a/gshadow- b/gshadow- index 54d35c8..bd664b0 100644 --- a/gshadow- +++ b/gshadow- @@ -98,3 +98,5 @@ whoopsie:!:: _ssh:!:: plocate:!:: swtpm:!:: +fwupd-refresh:!:: +postgres:!:: diff --git a/init.d/postgresql b/init.d/postgresql new file mode 100755 index 0000000..579fdd2 --- /dev/null +++ b/init.d/postgresql @@ -0,0 +1,61 @@ +#!/bin/sh +set -e + +### BEGIN INIT INFO +# Provides: postgresql +# Required-Start: $local_fs $remote_fs $network $time +# Required-Stop: $local_fs $remote_fs $network $time +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: PostgreSQL RDBMS server +### END INIT INFO + +# Setting environment variables for the postmaster here does not work; please +# set them in /etc/postgresql///environment instead. + +[ -r /usr/share/postgresql-common/init.d-functions ] || exit 0 + +. /usr/share/postgresql-common/init.d-functions + +# versions can be specified explicitly +if [ -n "$2" ]; then + versions="$2 $3 $4 $5 $6 $7 $8 $9" +else + get_versions +fi + +case "$1" in + start|stop|restart|reload) + if [ "$1" = "start" ]; then + create_socket_directory + fi + if [ -z "`pg_lsclusters -h`" ]; then + log_warning_msg 'No PostgreSQL clusters exist; see "man pg_createcluster"' + exit 0 + fi + for v in $versions; do + $1 $v || EXIT=$? + done + exit ${EXIT:-0} + ;; + status) + LS=`pg_lsclusters -h` + # no clusters -> unknown status + [ -n "$LS" ] || exit 4 + echo "$LS" | awk 'BEGIN {rc=0} {if (match($4, "down")) rc=3; printf ("%s/%s (port %s): %s\n", $1, $2, $3, $4)}; END {exit rc}' + ;; + force-reload) + for v in $versions; do + reload $v + done + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|force-reload|status} [version ..]" + exit 1 + ;; +esac + +exit 0 + diff --git a/logrotate.d/postgresql-common b/logrotate.d/postgresql-common new file mode 100644 index 0000000..0cbf10a --- /dev/null +++ b/logrotate.d/postgresql-common @@ -0,0 +1,10 @@ +/var/log/postgresql/*.log { + weekly + rotate 10 + copytruncate + delaycompress + compress + notifempty + missingok + su root root +} diff --git a/passwd b/passwd index 69f006b..400b539 100644 --- a/passwd +++ b/passwd @@ -70,3 +70,4 @@ systemd-timesync:x:999:999:systemd Time Synchronization:/:/usr/sbin/nologin whoopsie:x:137:153::/nonexistent:/bin/false swtpm:x:138:155:virtual TPM software stack,,,:/var/lib/swtpm:/bin/false fwupd-refresh:x:139:156:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin +postgres:x:140:157:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash diff --git a/passwd- b/passwd- index 5ed84dc..95d84b5 100644 --- a/passwd- +++ b/passwd- @@ -69,4 +69,5 @@ _flatpak:x:135:150:Flatpak system-wide installation helper,,,:/nonexistent:/usr/ systemd-timesync:x:999:999:systemd Time Synchronization:/:/usr/sbin/nologin whoopsie:x:137:153::/nonexistent:/bin/false swtpm:x:138:155:virtual TPM software stack,,,:/var/lib/swtpm:/bin/false -fwupd-refresh:x:139:156::/run/systemd:/usr/sbin/nologin +fwupd-refresh:x:139:156:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin +postgres:x:140:157::/var/lib/postgresql:/bin/bash diff --git a/postgresql-common/createcluster.conf b/postgresql-common/createcluster.conf new file mode 100644 index 0000000..d245a27 --- /dev/null +++ b/postgresql-common/createcluster.conf @@ -0,0 +1,41 @@ +# Default values for pg_createcluster(8) +# Occurrences of '%v' are replaced by the major version number, +# and '%c' by the cluster name. Use '%%' for a literal '%'. + +# Create a "main" cluster when a new postgresql-x.y server package is installed +#create_main_cluster = true + +# Default start.conf value, must be one of "auto", "manual", and "disabled". +# See pg_createcluster(8) for more documentation. +#start_conf = 'auto' + +# Default data directory. +#data_directory = '/var/lib/postgresql/%v/%c' + +# Default directory for transaction logs +# Unset by default, i.e. transaction logs remain in the data directory. +#waldir = '/var/lib/postgresql/wal/%v/%c/pg_wal' + +# Options to pass to initdb. +#initdb_options = '' + +# The following options are copied into the new cluster's postgresql.conf: + +# Enable SSL by default (using the "snakeoil" certificates installed by the +# ssl-cert package, unless configured otherwise here) +ssl = on + +# Show cluster name in process title +cluster_name = '%v/%c' + +# Put stats_temp_directory on tmpfs +stats_temp_directory = '/var/run/postgresql/%v-%c.pg_stat_tmp' + +# Add prefix to log lines +log_line_prefix = '%%m [%%p] %%q%%u@%%d ' + +# Add "include_dir" in postgresql.conf +add_include_dir = 'conf.d' + +# Directory for additional createcluster config +include_dir '/etc/postgresql-common/createcluster.d' diff --git a/postgresql-common/root.crt b/postgresql-common/root.crt new file mode 100644 index 0000000..6a1f174 --- /dev/null +++ b/postgresql-common/root.crt @@ -0,0 +1,11 @@ +This is a dummy root certificate file for PostgreSQL. To enable client side +authentication, add some certificates to it. Client certificates must be signed +with any certificate in this file to be accepted. + +A reasonable choice is to just symlink this file to +/etc/ssl/certs/ssl-cert-snakeoil.pem; in this case, client certificates need to +be signed by the postgresql server certificate, which might be desirable in +many cases. See chapter "Server Setup and Operation" in the PostgreSQL +documentation for details (in package postgresql-doc-9.2). + + file:///usr/share/doc/postgresql-doc-9.2/html/ssl-tcp.html diff --git a/rc0.d/K01postgresql b/rc0.d/K01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc0.d/K01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc1.d/K01postgresql b/rc1.d/K01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc1.d/K01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc2.d/S01postgresql b/rc2.d/S01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc2.d/S01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc3.d/S01postgresql b/rc3.d/S01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc3.d/S01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc4.d/S01postgresql b/rc4.d/S01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc4.d/S01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc5.d/S01postgresql b/rc5.d/S01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc5.d/S01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/rc6.d/K01postgresql b/rc6.d/K01postgresql new file mode 120000 index 0000000..313aae7 --- /dev/null +++ b/rc6.d/K01postgresql @@ -0,0 +1 @@ +../init.d/postgresql \ No newline at end of file diff --git a/shadow b/shadow index edee685..b6fdde9 100644 --- a/shadow +++ b/shadow @@ -70,3 +70,4 @@ systemd-timesync:!!:18464:::::: whoopsie:*:19220:0:99999:7::: swtpm:*:19220:0:99999:7::: fwupd-refresh:*:19242:0:99999:7::: +postgres:*:19282:0:99999:7::: diff --git a/shadow- b/shadow- index edee685..b6fdde9 100644 --- a/shadow- +++ b/shadow- @@ -70,3 +70,4 @@ systemd-timesync:!!:18464:::::: whoopsie:*:19220:0:99999:7::: swtpm:*:19220:0:99999:7::: fwupd-refresh:*:19242:0:99999:7::: +postgres:*:19282:0:99999:7::: diff --git a/systemd/system/multi-user.target.wants/postgresql.service b/systemd/system/multi-user.target.wants/postgresql.service new file mode 120000 index 0000000..fde7afb --- /dev/null +++ b/systemd/system/multi-user.target.wants/postgresql.service @@ -0,0 +1 @@ +/lib/systemd/system/postgresql.service \ No newline at end of file -- 2.39.5