[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: systemd & postgresql - flooding system log

On Fri, Jul 14, 2017 at 05:07:22PM -0500, Don Armstrong wrote:
>... 
> This plugin is horribly designed, and runs su - $DBUSER -c [...] for its
> functioning.
> 
> It should instead just su $DBUSER -c [...]; or better yet, not actually
> su to the database user, and instead run as a user which only has the
> ability to read the appropriate tables and cannot also write to.
> 
> If you fix that so that it doesn't start a login session, you'll fix
> the excessive number of sessions created.

Unfortunately removing `-' didn't helped. 


On Sat, Jul 15, 2017 at 12:30:41AM +0200, Michael Biebl wrote:
> Am 15.07.2017 um 00:07 schrieb Don Armstrong:
> > This plugin is horribly designed, and runs su - $DBUSER -c [...] for its
> > functioning.
> 
> Indeed.
> 
> > It should instead just su $DBUSER -c [...]; or better yet, not actually
> > su to the database user, and instead run as a user which only has the
> > ability to read the appropriate tables and cannot also write to.
> 
> There is an alternative utility called runuser which is more suitable
> for such cases.
> It uses a different pam config and doesn't start a systemd logind session.

Bingo! This helped runuser instead of su.

 su - $DBUSER -c [...] 
    to
 runuser -c [...] $DBUSER

Thanks
-- 
Zito
Reply to: