Thread: BUG #12072: init script creates pid file with wrong owner

BUG #12072: init script creates pid file with wrong owner

From
henrik-postgres@hswn.dk
Date:
The following bug has been logged on the website:

Bug reference:      12072
Logged by:          Henrik Storner
Email address:      henrik-postgres@hswn.dk
PostgreSQL version: 9.3.5
Operating system:   CentOS 6.6
Description:

The /etc/init.d/postgresql-9.3 file created a PID file, but fails to make it
owned by user 'postgres'.

This means that using the "pg_ctl" command to restart Postgres fails,
because user postgres cannot update the pid file (if you set
external_pid_file in postgresql.conf so it can find the pid file).

The init script should do a "chown postgres:postgres $pidfile" so the pid
file is owned by the postgres user. This allows pg_ctl commands to work.

Re: BUG #12072: init script creates pid file with wrong owner

From
Sandeep Thakkar
Date:
The init script will first do "su - postgres" before starting the server,
so there is no way that the owner of the PID file (default location is
$DATADIR/postmaster.pid) is not postgres. Please recheck.

On Wed, Nov 26, 2014 at 7:49 PM, <henrik-postgres@hswn.dk> wrote:

> The following bug has been logged on the website:
>
> Bug reference:      12072
> Logged by:          Henrik Storner
> Email address:      henrik-postgres@hswn.dk
> PostgreSQL version: 9.3.5
> Operating system:   CentOS 6.6
> Description:
>
> The /etc/init.d/postgresql-9.3 file created a PID file, but fails to make
> it
> owned by user 'postgres'.
>
> This means that using the "pg_ctl" command to restart Postgres fails,
> because user postgres cannot update the pid file (if you set
> external_pid_file in postgresql.conf so it can find the pid file).
>
> The init script should do a "chown postgres:postgres $pidfile" so the pid
> file is owned by the postgres user. This allows pg_ctl commands to work.
>
>
>
> --
> Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-bugs
>



--
Sandeep Thakkar

Re: BUG #12072: init script creates pid file with wrong owner

From
John R Pierce
Date:
On 11/26/2014 6:19 AM, henrik-postgres@hswn.dk wrote:
> The /etc/init.d/postgresql-9.3 file created a PID file, but fails to make it
> owned by user 'postgres'.

it should have.   mine does.


[root@new ~]# ls -la /var/lib/pgsql/9.3/data/postmaster.pid
-rw------- 1 postgres postgres 72 Oct 29 09:54
/var/lib/pgsql/9.3/data/postmaster.pid

[root@new ~]# cat /etc/redhat-release
CentOS release 6.6 (Final)

[root@new ~]# rpm -qa postgres\*
postgresql93-devel-9.3.5-1PGDG.rhel6.x86_64
postgresql93-libs-9.3.5-1PGDG.rhel6.x86_64
postgresql93-server-9.3.5-1PGDG.rhel6.x86_64
postgresql93-contrib-9.3.5-1PGDG.rhel6.x86_64
postgresql93-9.3.5-1PGDG.rhel6.x86_64



--
john r pierce                                      37N 122W
somewhere on the middle of the left coast

Re: BUG #12072: init script creates pid file with wrong owner

From
Henrik Størner
Date:
Checked. Steps to reproduce:


1) Fresh install of CentOS 6.6 base-server (could be any Redhat like distro)


2) Install Postgres 9.3.5 as per http://www.postgresql.org/download/linux/redhat/ - i.e. using the yum.postgresql.org repository

root@postgres ~]# yum install http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm
<cut yum chatter>
Installed:
  pgdg-redhat93.noarch 0:9.3-1

Complete!

[root@postgres ~]# yum install postgresql93-server postgresql93-contrib
<cut more yum chatter>
  Installing : postgresql93-libs-9.3.5-1PGDG.rhel6.x86_64     1/5
  Installing : postgresql93-9.3.5-1PGDG.rhel6.x86_64          2/5
  Installing : uuid-1.6.1-10.el6.x86_64                       3/5
  Installing : postgresql93-contrib-9.3.5-1PGDG.rhel6.x86_64  4/5
  Installing : postgresql93-server-9.3.5-1PGDG.rhel6.x86_64   5/5
  Verifying  : postgresql93-contrib-9.3.5-1PGDG.rhel6.x86_64  1/5
  Verifying  : postgresql93-9.3.5-1PGDG.rhel6.x86_64          2/5
  Verifying  : postgresql93-server-9.3.5-1PGDG.rhel6.x86_64   3/5
  Verifying  : postgresql93-libs-9.3.5-1PGDG.rhel6.x86_64     4/5
  Verifying  : uuid-1.6.1-10.el6.x86_64                       5/5

Installed:
  postgresql93-contrib.x86_64 0:9.3.5-1PGDG.rhel6  postgresql93-server.x86_64 0:9.3.5-1PGDG.rhel6

Dependencies installed:
  postgresql93.x86_64 0:9.3.5-1PGDG.rhel6 postgresql93-libs.x86_64 0:9.3.5-1PGDG.rhel6 uuid.x86_64 0:1.6.1-10.el6

Complete!


3) Start Postgres using the init script file, and /var/run/postgresql-9.3.pid is owned by root.

[root@postgres ~]# service postgresql-9.3 initdb
Initialising database:                                     [  O.k.  ]
[root@postgres ~]# service postgresql-9.3 start
Starting postgresql-9.3-service:                           [  O.k.  ]
[root@postgres ~]# ls -l /var/run/postgresql-9.3.pid
-rw-r--r--. 1 root root 5  1 dec 07:44 /var/run/postgresql-9.3.pid


The problem is with the init script installed from the rpm package. From line 161 it performs the server start by doing

        echo -n "$PSQL_START"
        $SU -l postgres -c "$PGENGINE/postmaster -p '$PGPORT' -D '$PGDATA' ${PGOPTS} &" >> "$PGLOG" 2>&1 < /dev/null
        sleep 2
        pid=`head -n 1 "$PGDATA/postmaster.pid" 2>/dev/null`
        if [ "x$pid" != x ]
        then   
                success "$PSQL_START"
                touch "$lockfile"
                echo $pid > "$pidfile"
                echo   
        else   
                failure "$PSQL_START"
                echo   
                script_result=1
        fi     

Note the
   echo $pid > "$pidfile"

This creates a pid-file owned by root. The owner:group should be changed to "postgres:postgres", in the same way that is done with the log file $PGLOG a bit earlier in the script. A simple one-line patch is attached.


Regards,
Henrik



Den 01-12-2014 kl. 06:07 skrev Sandeep Thakkar:
The init script will first do "su - postgres" before starting the server, so there is no way that the owner of the PID file (default location is $DATADIR/postmaster.pid) is not postgres. Please recheck.

On Wed, Nov 26, 2014 at 7:49 PM, <henrik-postgres@hswn.dk> wrote:
The following bug has been logged on the website:

Bug reference:      12072
Logged by:          Henrik Storner
Email address:      henrik-postgres@hswn.dk
PostgreSQL version: 9.3.5
Operating system:   CentOS 6.6
Description:

The /etc/init.d/postgresql-9.3 file created a PID file, but fails to make it
owned by user 'postgres'.

This means that using the "pg_ctl" command to restart Postgres fails,
because user postgres cannot update the pid file (if you set
external_pid_file in postgresql.conf so it can find the pid file).

The init script should do a "chown postgres:postgres $pidfile" so the pid
file is owned by the postgres user. This allows pg_ctl commands to work.



--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs



--
Sandeep Thakkar


Attachment

Re: BUG #12072: init script creates pid file with wrong owner

From
Tom Lane
Date:
Henrik Størner <henrik@hswn.dk> writes:
> The problem is with the init script installed from the rpm package. From
> line 161 it performs the server start by doing

>         echo -n "$PSQL_START"
>         $SU -l postgres -c "$PGENGINE/postmaster -p '$PGPORT' -D
> '$PGDATA' ${PGOPTS} &" >> "$PGLOG" 2>&1 < /dev/null
>         sleep 2
>         pid=`head -n 1 "$PGDATA/postmaster.pid" 2>/dev/null`
>         if [ "x$pid" != x ]
>         then
>                 success "$PSQL_START"
>                 touch "$lockfile"
> *                echo $pid > "$pidfile"*
>                 echo
>         else
>                 failure "$PSQL_START"
>                 echo
>                 script_result=1
>         fi

> Note the
>    echo $pid > "$pidfile"

> This creates a pid-file owned by root.

Why is the init script creating such a file at all?  Surely it should be
depending on the one created by the postmaster.  However, if there is a
reason to create a separate pidfile, I don't see the problem particularly:
the postmaster will neither create nor remove it, so it hardly matters
what the ownership is.
        regards, tom lane



Re: BUG #12072: init script creates pid file with wrong owner

From
Henrik Størner
Date:
Tom Lane wrote:
> Henrik Størner <henrik@hswn.dk> writes:
>> The problem is with the init script installed from the rpm package. From
>> line 161 it performs the server start by doing
> Why is the init script creating such a file at all? Surely it should
> be depending on the one created by the postmaster. However, if there
> is a reason to create a separate pidfile, I don't see the problem
> particularly: the postmaster will neither create nor remove it, so it
> hardly matters what the ownership is. regards, tom lane
The problem lies in the interaction between a DBA using the pg_ctl
commands, and a system start/stop script which is executed when the
system boots or shuts down.

Consider this scenario:

1) The system boots, Postgres starts up automatically via the init.d
script. Two pid-files now exist - one created by the init.d script in
/var/run, and another in the PGDATA directory. They are identical.

2) DBA tweaks some configuration requiring a restart. Since the DBA
doesn't have root access, he logs into the "postgres" account and runs
"pg_ctl restart". This updates the pid-file in the PGDATA directory, but
not the one in /var/run because a) the postgres user does not have write
access to the file, and b) by default pg_ctl doesn't know about the pid
file in /var/run. So the two pid-files are no longer in sync, only the
PGDATA pid file is valid.

3) The server is shut down or rebooted. During shutdown the init.d
script looks at the pid-file in /var/run, and finds that the pid listed
no longer exists. Therefore it assumes that Postgres isn't running and
doesn't try to shut it down gracefully. It gets a 'kill -TERM' at a late
point in the shutdown proces, which is not optimal.


I suppose the /var/run pid-file is created by the RPM initscript because
the Linux Filesystem Hierarchy Standard dictates that system services
keep a pid-file in /var/run - not buried somewhere deep inside a service
specific directory.

Fixing the permission setting on the /var/run pidfile is only part of
the solution, for it to work completely you must also change
postgres.conf so the extra_pid_file setting (iirc) is set to the
/var/run pidfile. This makes sure that the 'postmaster' process updates
both pid-files - but it still requires that both pid-files are writable
by the "postgres" user.


Regards,
Henrik





Re: BUG #12072: init script creates pid file with wrong owner

From
Devrim Gündüz
Date:
Hi,

On Wed, 2014-11-26 at 14:19 +0000, henrik-postgres@hswn.dk wrote:
>
> The /etc/init.d/postgresql-9.3 file created a PID file, but fails to
> make it owned by user 'postgres'.
>
> This means that using the "pg_ctl" command to restart Postgres fails,
> because user postgres cannot update the pid file (if you set
> external_pid_file in postgresql.conf so it can find the pid file).

I don't think that we designed the *init script* (kicked by init
subsystem) to be compatible with pg_ctl command (called by postgres
user). If you have an environment that requires a non-root user to
restart postgres, you can hack the init script and add a chown line
there.

That pid file is used by RHCS (IIRC), so I am not inclined to touch it.

Regards,
--
Devrim GÜNDÜZ
Principal Systems Engineer @ EnterpriseDB: http://www.enterprisedb.com
PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer
Twitter: @DevrimGunduz , @DevrimGunduzTR