Thread: Restarting, ownership, and permissions
I run my Postgres DB on a virtual linux server where I don't have root.
I'm 'admin', by default, and have created a 'postgres' user to own the DB
dir.
My problem is that on occassion, my ISP restarts my server, stranding all
my processes. While I have scripts to restart Apache and my Servlet
engine on reboot, I don't know how to get the Postgres DB up and running
again. The main problem is that the dir is owned (postgres.postgres) and
chmod'd to 700, keeping anyone but the 'postgres' user from starting it
up.
I tried chownin'g the DB dir to postgres.admin, and chmodding to 770, but
when I tried to start the DB, I got a fatal error in the log indicating
that postgres must own the dir, and the permissions must be u=rwx. What
can I do?
Thanks,
Zeb
"Aurangzeb M. Agha" <ama-list@mltp.com> writes: > I run my Postgres DB on a virtual linux server where I don't have root. > I'm 'admin', by default, and have created a 'postgres' user to own the DB > dir. > > My problem is that on occassion, my ISP restarts my server, stranding all > my processes. While I have scripts to restart Apache and my Servlet > engine on reboot, I don't know how to get the Postgres DB up and running > again. The main problem is that the dir is owned (postgres.postgres) and > chmod'd to 700, keeping anyone but the 'postgres' user from starting it > up. > > I tried chownin'g the DB dir to postgres.admin, and chmodding to 770, but > when I tried to start the DB, I got a fatal error in the log indicating > that postgres must own the dir, and the permissions must be u=rwx. What > can I do? You have several choices as I see it: 1) Have Postgres run as 'admin' (not ideal, but not horrible) 2) Manually log in as 'postgres' to start the server when necessary 3) Work with your ISP to find a clean solution--perhaps they can create a little setuid 'postgres' C program that runs the startup script I recommend #3, personally. -Doug
On Tuesday 02 September 2003 21:51, Aurangzeb M. Agha wrote: > I run my Postgres DB on a virtual linux server where I don't have root. > I'm 'admin', by default, and have created a 'postgres' user to own the DB > dir. > > My problem is that on occassion, my ISP restarts my server, stranding all > my processes. While I have scripts to restart Apache and my Servlet > engine on reboot, I don't know how to get the Postgres DB up and running > again. The main problem is that the dir is owned (postgres.postgres) and > chmod'd to 700, keeping anyone but the 'postgres' user from starting it > up. > > I tried chownin'g the DB dir to postgres.admin, and chmodding to 770, but > when I tried to start the DB, I got a fatal error in the log indicating > that postgres must own the dir, and the permissions must be u=rwx. What > can I do? Hmm - so you can't "su - postgres" because as "admin" you'll need a password. Off the top of my head you could: 1. chmod PG's startup script, so it runs suid as postgres (chmod u+s) 2. Use ssh to login as user postgres on localhost and execute pg_ctl start (you can setup ssh so it doesn't need a password) Either of those should work, with a little effort. -- Richard Huxton Archonet Ltd
On Tue, 2 Sep 2003, Richard Huxton wrote: > On Tuesday 02 September 2003 21:51, Aurangzeb M. Agha wrote: > > I run my Postgres DB on a virtual linux server where I don't have root. > > I'm 'admin', by default, and have created a 'postgres' user to own the DB > > dir. > > > > My problem is that on occassion, my ISP restarts my server, stranding all > > my processes. While I have scripts to restart Apache and my Servlet > > engine on reboot, I don't know how to get the Postgres DB up and running > > again. The main problem is that the dir is owned (postgres.postgres) and > > chmod'd to 700, keeping anyone but the 'postgres' user from starting it > > up. > > > > I tried chownin'g the DB dir to postgres.admin, and chmodding to 770, but > > when I tried to start the DB, I got a fatal error in the log indicating > > that postgres must own the dir, and the permissions must be u=rwx. What > > can I do? > > Hmm - so you can't "su - postgres" because as "admin" you'll need a password. > Off the top of my head you could: > > 1. chmod PG's startup script, so it runs suid as postgres (chmod u+s) > 2. Use ssh to login as user postgres on localhost and execute pg_ctl start > (you can setup ssh so it doesn't need a password) > > Either of those should work, with a little effort. But not without root access or logging in as postgres :) I would suggest that if you can't get your ISP to install the startup script where is should be (/etc/init.d/ and the appropiate symbolic link) then don't use the postgres user for your database. Presumably as admin you can administer users. So create a new user, say postgres2. Initialise a data directory: $ initdb -D ~postgres2/data as that new user. Then when you need to you can at least start the db manually by logging in as postgres2, which you are able to do since you have control over that user. -- Nigel J. Andrews
>>>>> "Richard" == Richard Huxton <dev@archonet.com> writes:
Richard> Hmm - so you can't "su - postgres" because as "admin"
Richard> you'll need a password. Off the top of my head you
Richard> could:
One possibility given ssh access to the machine, from admin :-
ssh postgres@localhost <command>
making sure that admin can ssh to postgres without a password or
passphrase,
Sincerely,
Adrian Phillips
--
Who really wrote the works of William Shakespeare ?
http://www.pbs.org/wgbh/pages/frontline/shakespeare/