Обсуждение: Having problem with postgresql configuration (template1 doesn't exist)?
Hello,
I'm having problem with the configuration of postgresql. Can anybody
help me, please?
I did do the followings steps as explained in the section "16.2.
Creating a Database Cluster" of the "PostgreSQL 7.4.7 Documentation":
"root# mkdir /usr/local/pgsql/data
root# chown postgres /usr/local/pgsql/data
root# su postgres
postgres$ initdb -D /usr/local/pgsql/data"
then shows:
"fixing permissions on existing directory /usr/local/pgsql/data... ok
creating directory /usr/local/pgsql/data/base... ok
creating directory /usr/local/pgsql/data/global... ok
creating directory /usr/local/pgsql/data/pg_xlog... ok
creating directory /usr/local/pgsql/data/pg_clog... ok
selecting default max_connections... 10
selecting default shared_buffers... 50
creating configuration files... ok
creating template1 database in /usr/local/pgsql/data/base/1...
initdb: failed"
the file /var/log/messages shows:
"Feb 20 02:01:38 ronin kernel: audit(1108875698.227:0): avc: denied {
write } for pid=8229 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 36 times
Feb 20 02:01:38 ronin kernel: audit(1108875698.228:0): avc: denied {
write } for pid=8229 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 47 times
Feb 20 02:01:38 ronin kernel: audit(1108875698.229:0): avc: denied {
write } for pid=8229 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 16 times
Feb 20 02:01:38 ronin kernel: audit(1108875698.435:0): avc: denied {
write } for pid=8305 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin kernel: audit(1108875698.436:0): avc: denied {
write } for pid=8305 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 39 times
Feb 20 02:01:38 ronin kernel: audit(1108875698.437:0): avc: denied {
write } for pid=8305 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 46 times
Feb 20 02:01:38 ronin kernel: audit(1108875698.438:0): avc: denied {
write } for pid=8305 exe=/usr/bin/postgres name=data
dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
tcontext=root:object_r:usr_t tclass=dir
Feb 20 02:01:38 ronin last message repeated 13 times
Feb 20 02:01:52 ronin su(pam_unix)[8056]: session closed for user postgres"
I have:
kernel-2.6.10-1.766_FC3
libselinux-1.19.1-8
libselinux-devel-1.19.1-8
selinux-policy-targeted-1.17.30-2.80
postgresql-7.4.7-1.FC3.2
postgresql-libs-7.4.7-1.FC3.2
postgresql-server-7.4.7-1.FC3.2
TIA,
Vinicius.
Vinicius <cviniciusm@terra.com.br> writes:
> postgres$ initdb -D /usr/local/pgsql/data"
> the file /var/log/messages shows:
> "Feb 20 02:01:38 ronin kernel: audit(1108875698.227:0): avc: denied {
> write } for pid=8229 exe=/usr/bin/postgres name=data
> dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
> tcontext=root:object_r:usr_t tclass=dir
You can't put the data directory in a nonstandard place under SELinux
unless you modify the security policy to allow the postgres daemon to
write in that nonstandard place. The normal behavior of
selinux-policy-targeted is to confine postgres to /var/lib/pgsql.
So: (1) use /var/lib/pgsql/data, (2) modify the policy, or (3)
disable SELinux enforcement.
BTW, since you are using the RPMs, why are you bothering with manual
database setup? "sudo /sbin/service postgresql start" is all you
need to do.
regards, tom lane
Tom Lane escreveu:
> Vinicius <cviniciusm@terra.com.br> writes:
>
>>postgres$ initdb -D /usr/local/pgsql/data"
>
>
>>the file /var/log/messages shows:
>>"Feb 20 02:01:38 ronin kernel: audit(1108875698.227:0): avc: denied {
>>write } for pid=8229 exe=/usr/bin/postgres name=data
>>dev=dm-0 ino=1687533 scontext=user_u:system_r:postgresql_t
>>tcontext=root:object_r:usr_t tclass=dir
>
>
> You can't put the data directory in a nonstandard place under SELinux
> unless you modify the security policy to allow the postgres daemon to
> write in that nonstandard place. The normal behavior of
> selinux-policy-targeted is to confine postgres to /var/lib/pgsql.
>
> So: (1) use /var/lib/pgsql/data, (2) modify the policy, or (3)
> disable SELinux enforcement.
>
> BTW, since you are using the RPMs, why are you bothering with manual
> database setup? "sudo /sbin/service postgresql start" is all you
> need to do.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>
Thanks.
I tryed to create another data dir because I don't have the template1
database.
"# ls /var/lib/pgsql/data/base/1
1247 16386 16396 16406 16416 16601 16606 16611 16616 16621
16630 16635 16640 16647 16652
1249 16388 16398 16408 16418 16602 16607 16612 16617 16624
16631 16636 16641 16648 16653
1255 16390 16400 16410 16595 16603 16608 16613 16618 16625
16632 16637 16642 16649 pg_internal.init
1259 16392 16402 16412 16597 16604 16609 16614 16619 16626
16633 16638 16643 16650 PG_VERSION
16384 16394 16404 16414 16599 16605 16610 16615 16620 16629
16634 16639 16644 16651"
How to workaround this, please? Should I remove the /var/lib/pgsql/data
dir and create another with initdb command, please?
TIA,
Vinicius.
Vinicius <cviniciusm@terra.com.br> writes: > I tryed to create another data dir because I don't have the template1 > database. I think you got bit by one of the early-FC3 selinux policy bugs; see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=142607 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143208 You probably want to rm -rf /var/lib/pgsql/data/ and try again after making sure (a) you have the latest postgres and selinux packages and (b) you've done restorecon on /var/lib/pgsql and /var/log/pgsql. regards, tom lane
Tom Lane escreveu: > Vinicius <cviniciusm@terra.com.br> writes: > >>I tryed to create another data dir because I don't have the template1 >>database. > > > I think you got bit by one of the early-FC3 selinux policy bugs; see > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=142607 > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143208 > > You probably want to rm -rf /var/lib/pgsql/data/ and try again > after making sure (a) you have the latest postgres and selinux > packages and (b) you've done restorecon on /var/lib/pgsql and > /var/log/pgsql. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 7: don't forget to increase your free space map settings > I did do "rm -fr /var/lib/pgsql/data/" (a) I have the lastest *stable postgres package* from Fedora Core 3; (b) I did do restorecon on "/var/lib/pgsql" and on "/var/log/pgsql". now it pass the "...creating template1 database in /var/lib/pgsql/data/base/1... ok" but stop at "... initializing pg_shadow... ok enabling unlimited row size for system tables... ok initializing pg_depend... ok creating system views... ok loading pg_description... ok creating conversions... ok setting privileges on built-in objects... ok *creating information schema...* initdb: failed" /var/log/messages shows: "... Feb 21 09:10:43 ronin kernel: audit(1108987843.094:0): avc: denied { read } for pid=6766 exe=/usr/bin/postgres path=/tmp/sh-thd-1108997049 (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Feb 21 09:10:43 ronin kernel: audit(1108987843.423:0): avc: denied { read } for pid=6767 exe=/usr/bin/postgres path=/tmp/sh-thd-1108980215 (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Feb 21 09:10:43 ronin kernel: audit(1108987843.480:0): avc: denied { read } for pid=6768 exe=/usr/bin/postgres path=/tmp/sh-thd-1109000142 (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Feb 21 09:10:43 ronin kernel: audit(1108987843.542:0): avc: denied { read } for pid=6769 exe=/usr/bin/postgres path=/tmp/sh-thd-1108983044 (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file" I think "/usr/bin/postgres" was tried to write to a file in "/tmp" and was denied. And I still don't get the template1 database. Thanks.
Vinicius escreveu: > Tom Lane escreveu: > >> Vinicius <cviniciusm@terra.com.br> writes: >> >>> I tryed to create another data dir because I don't have the template1 >>> database. >> >> >> >> I think you got bit by one of the early-FC3 selinux policy bugs; see >> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=142607 >> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143208 >> >> You probably want to rm -rf /var/lib/pgsql/data/ and try again >> after making sure (a) you have the latest postgres and selinux >> packages and (b) you've done restorecon on /var/lib/pgsql and >> /var/log/pgsql. >> >> regards, tom lane >> >> ---------------------------(end of broadcast)--------------------------- >> TIP 7: don't forget to increase your free space map settings >> > > I did do "rm -fr /var/lib/pgsql/data/" > (a) I have the lastest *stable postgres package* from Fedora Core 3; > (b) I did do restorecon on "/var/lib/pgsql" and on "/var/log/pgsql". > > now it pass the "...creating template1 database in > /var/lib/pgsql/data/base/1... ok" but stop at > "... > initializing pg_shadow... ok > enabling unlimited row size for system tables... ok > initializing pg_depend... ok > creating system views... ok > loading pg_description... ok > creating conversions... ok > setting privileges on built-in objects... ok > *creating information schema...* > initdb: failed" > > /var/log/messages shows: > "... > Feb 21 09:10:43 ronin kernel: audit(1108987843.094:0): avc: denied { > read } for pid=6766 exe=/usr/bin/postgres path=/tmp/sh-thd-1108997049 > (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t > tcontext=user_u:object_r:tmp_t tclass=file > Feb 21 09:10:43 ronin kernel: audit(1108987843.423:0): avc: denied { > read } for pid=6767 exe=/usr/bin/postgres path=/tmp/sh-thd-1108980215 > (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t > tcontext=user_u:object_r:tmp_t tclass=file > Feb 21 09:10:43 ronin kernel: audit(1108987843.480:0): avc: denied { > read } for pid=6768 exe=/usr/bin/postgres path=/tmp/sh-thd-1109000142 > (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t > tcontext=user_u:object_r:tmp_t tclass=file > Feb 21 09:10:43 ronin kernel: audit(1108987843.542:0): avc: denied { > read } for pid=6769 exe=/usr/bin/postgres path=/tmp/sh-thd-1108983044 > (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t > tcontext=user_u:object_r:tmp_t tclass=file" > > I think "/usr/bin/postgres" was tried to write to a file in "/tmp" and > was denied. > > And I still don't get the template1 database. > > Thanks. I think it tried to read instead to write.
Vinicius escreveu: > > And I still don't get the template1 database. > > Thanks. > I think the server must be running to create the template1 database. I'm a newbie, sorry.
Hi All, Have just installed a linux (red hat 9) version of postgreSQL (7.4.2) and for some reason the database has no functions/operators/aggregates that I have on a Windows BETA4 version. Are these seperate installations or are they supposed to be standard with the general installation. Regards, Kevin --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.859 / Virus Database: 585 - Release Date: 2005/02/14
Vinicius <cviniciusm@terra.com.br> writes:
> /var/log/messages shows:
> "...
> Feb 21 09:10:43 ronin kernel: audit(1108987843.094:0): avc: denied {
> read } for pid=6766 exe=/usr/bin/postgres path=/tmp/sh-thd-1108997049
> (deleted) dev=dm-0 ino=1046660 scontext=user_u:system_r:postgresql_t
> tcontext=user_u:object_r:tmp_t tclass=file
> And I still don't get the template1 database.
Sigh. I coulda sworn I tested this in December, but it's definitely
busted now:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=149237
(I might have messed up by only testing PG 8.0 --- 8.0 does not have
this problem, since initdb is no longer a shell script.)
The short-term workaround is to temporarily disable selinux
(sudo /usr/sbin/setenforce 0) while you initialize the database.
regards, tom lane
Tom Lane escreveu: > Sigh. I coulda sworn I tested this in December, but it's definitely > busted now: > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=149237 > (I might have messed up by only testing PG 8.0 --- 8.0 does not have > this problem, since initdb is no longer a shell script.) > > The short-term workaround is to temporarily disable selinux > (sudo /usr/sbin/setenforce 0) while you initialize the database. > > regards, tom lane I have updated my systems to the latest postgresql packages and know I can work with postgresql. Thanks a lot.