| 1 |
On Mon, Apr 23, 2012 at 10:43:18AM -0400, Michael Orlitzky wrote: |
| 2 |
> On 04/23/12 09:21, napalm@××××××××××.org wrote: |
| 3 |
> > I'm unsure if I should be posting this to the -hardened mailing list as |
| 4 |
> > I'm using the hardened profile but all of a sudden I'm getting a rather |
| 5 |
> > strange error when trying to start postgres. |
| 6 |
> > |
| 7 |
> > # /etc/init.d/postgresql-9.1 start |
| 8 |
> > * Caching service dependencies ... [ ok ] |
| 9 |
> > * The following file(s) are not readable by 'postgres': |
| 10 |
> > * /etc/postgresql-9.1/postgresql.conf |
| 11 |
> > * /etc/postgresql-9.1/pg_ident.conf |
| 12 |
> > * /etc/postgresql-9.1/pg_hba.conf |
| 13 |
> > * HINT: Try: 'chmod 644 /etc/postgresql-9.1/*.conf' |
| 14 |
> > * ERROR: postgresql-9.1 failed to start |
| 15 |
> > |
| 16 |
> > That's what I'm getting when I attempt to start it and I don't seem to have modified anything. |
| 17 |
> > |
| 18 |
> > Looking into the init script I can see it's doing su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" and the like but the output of: |
| 19 |
> > su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" || echo "fail" |
| 20 |
> > is fail... so I'm quite at a loss as to what could be going on here. All of the files are owned by postgres, have the correct permissions (I ran chmod 644 as it hinted) and it should be able to traverse to the directory as everything has the execute bit from /etc onwards. |
| 21 |
> > |
| 22 |
> |
| 23 |
> You can `su postgres` and then try to read the files yourself. That |
| 24 |
> should reveal the problem. |
| 25 |
> |
| 26 |
|
| 27 |
Interestingly I can't `su postgres` even though I have set it a shell, |
| 28 |
thanks for the tip though, I'm getting closer! |
Archives