joost at antarean
Apr 25, 2012, 10:46 PM
On Mon, April 23, 2012 3:21 pm, napalm [at] squareownz wrote:
Re: Postgres suddenly can't access files in its /etc directory
[In reply to]
> I'm unsure if I should be posting this to the -hardened mailing list as
> I'm using the hardened profile but all of a sudden I'm getting a rather
> strange error when trying to start postgres.
> # /etc/init.d/postgresql-9.1 start
> * Caching service dependencies ... [
> ok ]
> * The following file(s) are not readable by 'postgres':
> * /etc/postgresql-9.1/postgresql.conf
> * /etc/postgresql-9.1/pg_ident.conf
> * /etc/postgresql-9.1/pg_hba.conf
> * HINT: Try: 'chmod 644 /etc/postgresql-9.1/*.conf'
> * ERROR: postgresql-9.1 failed to start
> That's what I'm getting when I attempt to start it and I don't seem to
> have modified anything.
> Looking into the init script I can see it's doing su postgres -c "test -r
> /etc/postgresql-9.1/pg_hba.conf" and the like but the output of:
> su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" || echo "fail"
> is fail... so I'm quite at a loss as to what could be going on here. All
> of the files are owned by postgres, have the correct permissions (I ran
> chmod 644 as it hinted) and it should be able to traverse to the directory
> as everything has the execute bit from /etc onwards.
> Any tips?
I don't have much experience with Hardenened, but are you certain that any
permissions (including ACLs) are set correctly for PostgreSQL to access
all its files?
Do you have "sec-policy/selinux-postgresql" installed? And did you
re-emerge this after the update?