Обсуждение: BUG #3126: Kernel audit Problem
The following bug has been logged online: Bug reference: 3126 Logged by: Balaji.S Email address: balajisundar@midascomm.com PostgreSQL version: 7.4.8-1 Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3) Description: Kernel audit Problem Details: Completed the RHEL installation after reboot Postgresql Service is not started.I am starting service Postgresql using (service postgresql start) command i am receiving this error message on the screen(ie. Jan 7 07:20:23 corems kernel: audit(1010368223.881:0): avc: denied { read } for pid=3634 exe=/usr/bin/postgres path=/tmp/sh-thd-1010339898 (deleted) dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:23 corems kernel: audit(1010368223.893:0): avc: denied { read } for pid=3634 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.191:0): avc: denied { read } for pid=3635 exe=/usr/bin/postgres path=/tmp/sh-thd-1010341041 (deleted) dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.203:0): avc: denied { read } for pid=3635 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.480:0): avc: denied { read } for pid=3636 exe=/usr/bin/postgres path=/tmp/sh-thd-1010359030 (deleted) dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.492:0): avc: denied { read } for pid=3636 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.514:0): avc: denied { read } for pid=3637 exe=/usr/bin/postgres path=/tmp/sh-thd-1010342188 (deleted) dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.525:0): avc: denied { read } for pid=3637 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:24 corems kernel: audit(1010368224.579:0): avc: denied { read } for pid=3639 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:25 corems kernel: audit(1010368225.416:0): avc: denied { read } for pid=3641 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:26 corems kernel: audit(1010368226.554:0): avc: denied { read } for pid=3643 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:27 corems kernel: audit(1010368227.547:0): avc: denied { read } for pid=3644 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:28 corems kernel: audit(1010368228.198:0): avc: denied { read } for pid=3667 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:28 corems kernel: audit(1010368228.204:0): avc: denied { read } for pid=3667 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:29 corems postgresql: Starting postgresql service: succeeded Jan 7 07:20:32 corems kernel: audit(1010368232.687:0): avc: denied { read } for pid=3753 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:32 corems kernel: audit(1010368232.697:0): avc: denied { read } for pid=3753 exe=/usr/bin/postgres name=group dev=hda1 ino=64131 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t tclass=file Jan 7 07:20:33 corems postgresql: Starting postgresql service: succeeded ) After error messages service started successfully.how can i start the service without error messages on screen Please Help me to solve this Problem Regards S.Balaji
Balaji.S wrote: > > The following bug has been logged online: > > Bug reference: 3126 > Logged by: Balaji.S > Email address: balajisundar@midascomm.com > PostgreSQL version: 7.4.8-1 > Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3) > Description: Kernel audit Problem > Details: > > Completed the RHEL installation after reboot Postgresql Service is not > started.I am starting service Postgresql using (service postgresql start) > command > i am receiving this error message on the screen(ie. > > Jan 7 07:20:23 corems kernel: audit(1010368223.881:0): avc: denied { read > } for pid=3634 exe=/usr/bin/postgres path=/tmp/sh-thd-1010339898 (deleted) > dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t > tcontext=user_u:object_r:tmp_t tclass=file This is a SELinux misconfiguration problem. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support
"Balaji.S" <balajisundar@midascomm.com> writes: > PostgreSQL version: 7.4.8-1 > Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3) > Description: Kernel audit Problem 7.4.8-1 is quite old, and I suspect your selinux-policy package is too. You need some combination of these actions: * update to a current Postgres package * update to a current selinux-policy package * run restorecon on the postgres files to get them labeled properly according to the updated policy * re-initdb, if you were bit by https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=149237 regards, tom lane