Try
Home   >   mailing lists

Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS) - Mailing list pgsql-general

From Laurenz Albe
Subject Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)
Date
Msg-id 13e3100fc7c7d14919c37943dcfd76b263cecce2.camel@cybertec.at
Whole thread Raw
In response to Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)  (Amol Inamdar <amol.aai@gmail.com>)
Responses Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)
Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)
List pgsql-general
Tree view 
On Mon, 2025-07-14 at 11:19 +0530, Amol Inamdar wrote:
> I'm currently running PostgreSQL version 16.6 inside a Docker container
> (base image: UBI 9), using Docker Compose. The PostgreSQL data directory
> is mounted from an NFS volume hosted on a z/OS NFS server.
>
> The environment has a few constraints:
>
> - It’s a highly secure and access-controlled setup.
> - Due to platform restrictions on z/OS, the mounted NFS directory cannot
>   be owned by the PostgreSQL user (e.g., `postgres`) inside the container.
> - As a result, PostgreSQL fails to start because of the directory
>   ownership validation check.

It is not a good idea to have a mount point be the data directory.
The proper solution is to create the data directory inside the
mount point.  That way, the permissions of the data directory don't
have to be the same as the permissions of the mount point.

Yours,
Laurenz Albe

pgsql-general by date:

Previous
From: Amol Inamdar
Date:
Subject: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)
Next
From: Amol Inamdar
Date:
Subject: Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)