main/postgresql: create postgres account

This change was made due to complains that /etc/passwd contains system
accounts with login shells, postgres being one of them [0].

Setting the shell of the postgres account to /sbin/nologin was not
deemed feasible as the official document suggests login in as the
postgres user via su(1) [1]. Other Linux distribution (Debian, Gentoo,
Arch) also create the account with a shell.

Not creating the postgres account by default (via alpine-baselayout) and
instead creating it on demand from the package was deemed a reasonable
compromise.

[0]: https://gitlab.alpinelinux.org/alpine/aports/issues/10579
[1]: https://wiki.postgresql.org/wiki/First_steps

2 files changed, 12 insertions, 2 deletions

diff --git a/main/postgresql/APKBUILD b/main/postgresql/APKBUILD
index c8d5e044f5..860bfa9b41 100644
--- a/main/postgresql/APKBUILD
+++ b/main/postgresql/APKBUILD
@@ -3,13 +3,13 @@
 # Contributor: Jakub Jirutka <jakub@jirutka.cz>
 pkgname=postgresql
 pkgver=11.4
-pkgrel=0
+pkgrel=1
 pkgdesc="A sophisticated object-relational DBMS"
 url="https://www.postgresql.org/"
 arch="all"
 license="PostgreSQL"
 depends="postgresql-client tzdata"
-install="$pkgname.pre-upgrade"
+install="$pkgname.pre-install $pkgname.pre-upgrade"
 pkgusers="postgres"
 pkggroups="postgres"
 checkdepends="diffutils"
diff --git a/main/postgresql/postgresql.pre-install b/main/postgresql/postgresql.pre-install
new file mode 100644
index 0000000000..dd34706224
--- /dev/null
+++ b/main/postgresql/postgresql.pre-install
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Fixed GID/UID values as this users was previously included in the
+# default /etc/passwd as shipped by main/alpine-baselayout.
+
+addgroup -g 70 -S postgres 2>/dev/null
+adduser -u 70 -S -D -H -h /var/lib/postgresql -g "Postgres user" \
+	-s /bin/sh -G postgres postgres 2>/dev/null
+
+exit 0