Re: Restarting, ownership, and permissions - Mailing list pgsql-general

From Nigel J. Andrews
Subject Re: Restarting, ownership, and permissions
Date
Msg-id Pine.LNX.4.21.0309022225190.32652-100000@ponder.fairway2k.co.uk
Whole thread Raw
In response to Re: Restarting, ownership, and permissions  (Richard Huxton <dev@archonet.com>)
List pgsql-general
On Tue, 2 Sep 2003, Richard Huxton wrote:

> On Tuesday 02 September 2003 21:51, Aurangzeb M. Agha wrote:
> > I run my Postgres DB on a virtual linux server where I don't have root.
> > I'm 'admin', by default, and have created a 'postgres' user to own the DB
> > dir.
> >
> > My problem is that on occassion, my ISP restarts my server, stranding all
> > my processes.  While I have scripts to restart Apache and my Servlet
> > engine on reboot, I don't know how to get the Postgres DB up and running
> > again.  The main problem is that the dir is owned (postgres.postgres) and
> > chmod'd to 700, keeping anyone but the 'postgres' user from starting it
> > up.
> >
> > I tried chownin'g the DB dir to postgres.admin, and chmodding to 770, but
> > when I tried to start the DB, I got a fatal error in the log indicating
> > that postgres must own the dir, and the permissions must be u=rwx.  What
> > can I do?
>
> Hmm - so you can't "su - postgres" because as "admin" you'll need a password.
> Off the top of my head you could:
>
> 1. chmod PG's startup script, so it runs suid as postgres (chmod u+s)
> 2. Use ssh to login as user postgres on localhost and execute pg_ctl start
> (you can setup ssh so it doesn't need a password)
>
> Either of those should work, with a little effort.

But not without root access or logging in as postgres :)

I would suggest that if you can't get your ISP to install the startup script
where is should be (/etc/init.d/ and the appropiate symbolic link) then don't
use the postgres user for your database.

Presumably as admin you can administer users. So create a new user, say
postgres2. Initialise a data directory:

$  initdb -D ~postgres2/data

as that new user. Then when you need to you can at least start the db manually
by logging in as postgres2, which you are able to do since you have control
over that user.


--
Nigel J. Andrews


pgsql-general by date:

Previous
From: Aaron
Date:
Subject: web hosting postgres
Next
From: Tom Lane
Date:
Subject: Re: Commercial postgresql