Change ownership of /var/run/postgresql on startup

[bartmeuris]

Currently, the init script changes the ownership of /var/lib/postgresql/data to make sure the postgres user can write to it's data directory.

However, when starting a postgres container, I use a data volume that shares both /var/lib/postgresql/data for storing the data, and /var/run/postgresql for storing the postgres sockets - so I don't have to use networking. The containers that need access to postgres are started with mounting my data volume and accessing (what they think is) the local unix socket. This way can easily give another container access to my postgres database without network discovery or network overhead, eliminating a lot of potential problems and improving security.

The problem however is that when you create a volume like this, I have to launch a temporary container to fix the permissions of /var/run/postgresql before launching my postgres server.

[md5]

You can get this functionality by making an image FROM postgres and using the docker-entrypoint-initdb.d functionality to run your own chown -R /var/run/postgresql.

I just ran a docker diff on a container I created with docker run postgres:9.4 after exiting it when the DB was created an saw that /run/postgresql was updated in the diff. It may make sense to have a VOLUME /run/postgresql on this image for that reason, which could be documented as a way to get access to the postgres unix socket.

I suppose if that change were made, it would make sense to have the entrypoint do its own chown -R /run/postgresql.

[bartmeuris]

Well since /var/run/postgresql is a directory that's Postgres absolutely needs to be able to write to - whatever scenario you're in - it would seem like the logical choice to add this in the official image.

It's rather silly that I would have to create my own image just to fix the permissions, I'd rather avoid that. Currently I just launch a temporary postgres container mounting my data volume and overriding the entrypoint to fix the permissions of the socket directory.

[md5]

I created a branch that makes /run/postgresql a volume. It then does a chown -R postgres:postgres /run/postgresql and chmod g+s /run/postgresql in the entrypoint. The chmod is there to match the permissions of /run/postgresql as created by the Postgres *.deb install.

I can open a PR if @tianon and @yosifkit are amenable to the change.

cf. https://github.com/md5/docker-postgres/compare/docker-library:master...md5:run-postgresql-volume

[bartmeuris]

Small remark: the path is /var/run/postgresql - not /run/postgresql

[md5]

No it isn't; /var/run itself is a symlnk:

$ docker run --rm postgres:9.4 ls -ld /var/run
lrwxrwxrwx 1 root root 4 Jan 16 21:05 /var/run -> /run