recovery config, which includes connection password for superuser-class DB user) is created as world readable. Also, daemon would better run as pgsql user, and for safety by default in monitor only mode. Patch: marck@castor:/FreeBSD/ports/ports/databases/postgresql-repmgr> svn diff Index: Makefile =================================================================== --- Makefile (revision 421565) +++ Makefile (working copy) @@ -3,6 +3,7 @@ PORTNAME= postgresql-repmgr PORTVERSION= 3.1.5 +PORTREVISION= 1 CATEGORIES= databases MASTER_SITES= http://www.repmgr.org/download/ DISTNAME= repmgr-${PORTVERSION} Index: files/patch-repmgr.c =================================================================== --- files/patch-repmgr.c (revision 0) +++ files/patch-repmgr.c (working copy) @@ -0,0 +1,20 @@ + +$FreeBSD$ + +--- repmgr.c.orig ++++ repmgr.c +@@ -4414,10 +4414,14 @@ + FILE *recovery_file; + char recovery_file_path[MAXLEN]; + char line[MAXLEN]; ++ mode_t um; + + maxlen_snprintf(recovery_file_path, "%s/%s", data_dir, RECOVERY_COMMAND_FILE); + ++ um = umask(0); ++ umask(077); + recovery_file = fopen(recovery_file_path, "w"); ++ umask(um); + if (recovery_file == NULL) + { + log_err(_("unable to create recovery.conf file at '%s'\n"), recovery_file_path); Property changes on: files/patch-repmgr.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: files/repmgrd.in =================================================================== --- files/repmgrd.in (revision 421565) +++ files/repmgrd.in (working copy) 
@@ -22,12 +22,13 @@ load_rc_config $name : ${repmgrd_enable:="NO"} +: ${repmgrd_user:="pgsql"} : ${repmgrd_config="%%PREFIX%%/etc/repmgr.conf"} command=%%PREFIX%%/sbin/${name} pidfile=/var/run/${name}.pid -command_args="-p $pidfile -f $repmgrd_config" +command_args="-m -d -p $pidfile -f $repmgrd_config" run_rc_command "$1"
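Review bot: In the repmgr.c hunk, `um = umask(0); umask(077);` leaves the process umask at 0 for a moment before tightening it; `um = umask(077);` on its own returns the previous mask and sets the new one in a single call. Note also that the umask only applies when fopen() creates the file: if recovery.conf already exists with looser bits, `fopen(recovery_file_path, "w")` truncates it and keeps the old mode, so an fchmod(fileno(recovery_file), 0600) after the NULL check would cover that case. The hunk adds a mode_t variable and umask() calls but shows no include change, so confirm that <sys/stat.h> is already included in repmgr.c.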
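Review bot: In the files/repmgrd.in hunk, the new default `repmgrd_user:="pgsql"` sits next to an unchanged `pidfile=/var/run/${name}.pid` that is still handed to the daemon with `-p $pidfile`; /var/run is normally writable by root only, so a daemon started as pgsql may fail to write its pidfile. Consider pointing pidfile at a directory owned by pgsql, or creating one from the rc script before start. As a style point, `-m -d` is hard-coded into command_args; putting the monitor-only default into an overridable rc.conf variable (rc.subr already honours ${name}_flags) would let an administrator change it without editing the script.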
A commit references this bug:

Author: bofh
Date: Sun Mar 5 10:40:45 UTC 2017
New revision: 435467
URL: https://svnweb.freebsd.org/changeset/ports/435467

Log:
  databases/postgresql-repmgr: Update version 3.1.5=>3.3

  - Daemon would better run as pgsql user, and for safety by default in monitor only mode [1]

  PR: 212490 [1]
  Submitted by: marck [1]

Changes:
  head/databases/postgresql-repmgr/Makefile
  head/databases/postgresql-repmgr/distinfo
  head/databases/postgresql-repmgr/files/repmgrd.in
Weak permission is fixed in version 3.3.
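The permission problem this report describes (a recovery.conf carrying a connection password that ends up world readable), shown as an added C example; it is not code from repmgr or from the patch in this report. The helper name `open_private`, the demo file name and the sample line are hypothetical and constructed; the helper sets mode 0600 at creation and also tightens a file that already exists, which a umask change alone does not do.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* fdopen(), fchmod() */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not repmgr code: open `path` for writing so the file
 * is owner-only (0600) whether it is newly created or already exists. */
FILE *open_private(const char *path)
{
    /* 0600 is applied atomically at creation; the umask can only clear bits. */
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return NULL;
    /* An existing file keeps its old mode across open(), so tighten it
     * before any secret is written. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        return NULL;
    }
    FILE *fp = fdopen(fd, "w");
    if (fp == NULL)
        close(fd);
    return fp;
}

/* Write a constructed recovery.conf-style line and return the final
 * permission bits. If `stale` is nonzero, a 0644 file is left at `path`
 * first, as an earlier world-readable write would have done. */
int write_and_check(const char *path, int stale)
{
    struct stat st;
    unlink(path);
    if (stale) {
        int fd = open(path, O_WRONLY | O_CREAT, 0644);
        if (fd < 0 || fchmod(fd, 0644) != 0)
            return -1;
        close(fd);
    }
    FILE *fp = open_private(path);
    if (fp == NULL)
        return -1;
    fputs("primary_conninfo = 'password=CONSTRUCTED-EXAMPLE'\n", fp);
    fclose(fp);
    return stat(path, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}

int main(void) { return write_and_check("recovery.conf.demo", 1) == 0600 ? 0 : 1; }
```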