Gentoo Archives: gentoo-user

From: Michael Mol <mikemol@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Postgres suddenly can't access files in its /etc directory
Date: Mon, 23 Apr 2012 13:40:10
Message-Id: CA+czFiCE0DwZfBO9p3h4nbQtjTbdgW7x3s1BTo8=9+Br-B=L_A@mail.gmail.com
In Reply to: [gentoo-user] Postgres suddenly can't access files in its /etc directory by napalm@squareownz.org
1 On Mon, Apr 23, 2012 at 9:21 AM, <napalm@××××××××××.org> wrote:
2 > I'm unsure if I should be posting this to the -hardened mailing list as
3 > I'm using the hardened profile but all of a sudden I'm getting a rather
4 > strange error when trying to start postgres.
5 >
6 > # /etc/init.d/postgresql-9.1 start
7 >  * Caching service dependencies ...                                      [ ok ]
8 >  * The following file(s) are not readable by 'postgres':
9 >  *     /etc/postgresql-9.1/postgresql.conf
10 >  *     /etc/postgresql-9.1/pg_ident.conf
11 >  *     /etc/postgresql-9.1/pg_hba.conf
12 >  * HINT: Try: 'chmod 644 /etc/postgresql-9.1/*.conf'
13 >  * ERROR: postgresql-9.1 failed to start
14 >
15 > That's what I'm getting when I attempt to start it and I don't seem to have modified anything.
16 >
17 > Looking into the init script I can see it's doing su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" and the like but the output of:
18 >        su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" || echo "fail"
19 > is fail... so I'm quite at a loss as to what could be going on here. All of the files are owned by postgres, have the correct permissions (I ran chmod 644 as it hinted) and it should be able to traverse to the directory as everything has the execute bit from /etc onwards.
20 >
21 > Any tips?
22
23 I tend to go at these things with a bludgeon. Capture and grep the
24 strace output for syscalls accessing those files, and you can see
25 exactly what error message the system gives. Or you might see that
26 it's not looking in the right place.
27
28 --
29 :wq