Package: postgresql-common Version: 200 Severity: critical Tags: buster sid
In postgresql-common 200, pg_upgradecluster learned how to copy the contents of postgresql.auto.conf (where ALTER SYSTEM stores its data; #810615). Internally, adapt_conffiles() gets invoked twice, once for postgresql.conf and once for postgresql.auto.conf. This function is also responsible for setting data_directory in the new cluster. Unfortunately, it does this both for postgresql.conf (correct) and postgresql.auto.conf (where ALTER SYSTEM itself refuses to set data_directory, but having a file with it is syntactically ok). At this point, both clusters operate normally, and no harm is done because postgresql.auto.conf contains the correct data_directory setting. However, if this cluster gets upgraded *again*, this extra postgresql.auto.conf setting will confuse the "update config file" logic in postgresql-common's PgCommon.pm. The effect is that on the second upgrade, the new data_directory setting for the 3rd cluster will be written to the postgresql.auto.conf file of the *2nd* cluster. (And the 3rd cluster has a verbatim copy of the old postgresql.auto.conf from the 2nd cluster.) At this point, all three clusters still operate normally because pg_ctlcluster/pg_ctl can still launch the clusters, despite the bad data_directory settings in postgresql.auto.conf. Symptoms of the problem at this point are: * `pg_lsclusters` shows the wrong Data directory for the 2nd and 3rd cluster Ver Cluster Port Status Owner Data directory Log file 9.5 main 5433 down postgres /var/lib/postgresql/9.6/main /var/log/postgresql/postgresql-9.5-main.log 9.6 main 5432 online postgres /var/lib/postgresql/9.5/main /var/log/postgresql/postgresql-9.6-main.log * `ps` shows the wrong data directory on the postgres command line: /usr/lib/postgresql/9.6/bin/postgres -D /var/lib/postgresql/9.5/main -c config_file=/etc/postgresql/9.6/main/postgresql.conf The really bad problem now using `pg_dropcluster` will wipe the data directory OF THE WRONG CLUSTER. Oops. (And sorry.) I have a patch ready, including testsuite coverage. I'll also upload a 200+deb10u2 package to buster-proposed-updates. Christoph
