Postgres Pro
Downloads
Home   >   mailing lists

Re: Postmaster hangs - Mailing list pgsql-bugs

From Karen Pease
Subject Re: Postmaster hangs
Date
Msg-id 1256622413.29215.6.camel@localhost.localdomain
Whole thread Raw
In response to Re: Postmaster hangs  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
Tree view 
No -- one of the first things I do is shut off selinux, as it always is
a pain.

[root@chmmr meme]# more /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

    - Karen


On Mon, 2009-10-26 at 09:52 -0400, Tom Lane wrote:
> Karen Pease <meme@daughtersoftiresias.org> writes:
> > Postgres is by default in /var/lib/pgsql.  When / started running out of
> > space, I moved it to /scratch and symlinked:
> > lrwxrwxrwx 1 root       root         15 2009-09-11 16:57 pgsql
> > -> /scratch/pgsql//
>
> Hmm, that could be a problem right there.  Do you have SELinux running?
> It will normally try to prevent the postmaster from accessing files
> outside /var/lib/pgsql.  Depending on how you moved the files, they
> might have had the right security labels anyway, but I suspect some of
> your symptoms might have to do with some files under /scratch/pgsql
> not having the right labels.  Try poking around with ls -lZ.  If you
> find some that have generic labels, you can fix them manually with
> chcon, but a better long-term solution would be to teach selinux
> that stuff under /scratch/pgsql should be treated the same as stuff
> under /var/lib/pgsql would be --- that way a stray restorecon won't
> mess up your work.  Last I heard, the relevant policy rules are
>
> /var/lib/pgsql/data(/.*)?        gen_context(system_u:object_r:postgresql_db_t,s0)
> /var/lib/pgsql/logfile(/.*)?        gen_context(system_u:object_r:postgresql_log_t,s0)
> /var/lib/pgsql/pgstartup\.log        gen_context(system_u:object_r:postgresql_log_t,s0)
>
> Unfortunately I don't know selinux well enough to know where to
> add custom rules :-(, but a bit of manual-reading ought to tell you.
>
> If it's *not* a permissions issue, then I would expect postgres to
> be logging something relevant ... have you checked into the log
> files?
>
>             regards, tom lane

pgsql-bugs by date:

Previous
From: Timothy Madden
Date:
Subject: Re: BUG #5136: Please drop the string literal syntax for CREATE FUNCTION ...
Next
From: Karen Pease
Date:
Subject: Re: Postmaster hangs