1 files changed, 31 insertions, 0 deletions

diff --git a/community/agensgraph/agensgraph-unix_socket_directories.patch b/community/agensgraph/agensgraph-unix_socket_directories.patch
new file mode 100644
index 00000000000..8839754910c
--- /dev/null
+++ b/community/agensgraph/agensgraph-unix_socket_directories.patch
@@ -0,0 +1,31 @@
+Using /tmp for sockets allows everyone to spoof a PostgreSQL server. Thus use
+/run/postgresql/ for "system" clusters which run as 'postgres' (user
+clusters will still use /tmp). Since system cluster are by far the common case,
+set it as default.
+
+This is inspired by Fedora and Debian patches.
+
+Modified for AgensGraph.
+
+--- a/src/backend/utils/misc/postgresql.conf.sample
++++ b/src/backend/utils/misc/postgresql.conf.sample
+@@ -63,7 +63,7 @@
+ #port = 5432				# (change requires restart)
+ #max_connections = 100			# (change requires restart)
+ #superuser_reserved_connections = 3	# (change requires restart)
+-#unix_socket_directories = '/tmp'	# comma-separated list of directories
++unix_socket_directories = '/run/agensgraph'	# comma-separated list of directories
+ 					# (change requires restart)
+ #unix_socket_group = ''			# (change requires restart)
+ #unix_socket_permissions = 0777		# begin with 0 to use octal notation
+--- a/src/include/pg_config_manual.h
++++ b/src/include/pg_config_manual.h
+@@ -201,7 +201,7 @@
+  * support them yet.
+  */
+ #ifndef WIN32
+-#define DEFAULT_PGSOCKET_DIR  "/tmp"
++#define DEFAULT_PGSOCKET_DIR  "/run/agensgraph"
+ #else
+ #define DEFAULT_PGSOCKET_DIR ""
+ #endif