Обсуждение: Possible Bug - error creating a tablespace
So I think I *may* have found a bug but I want to be sure before I file a bug. I did a search on the pgsql-bugs list using the search text: cannot create tablespace and got nothing back. Here's the scenario: 1) we installed CentOS 5.3 x86_64 on a 64bit Dell server 2) I installed the pgdg_centos-8.3-6.noarch rpm in order to enable the 8.3.x repo. 3) I used yum to install postgres and friends 4) Here's the weird part: -- If I start the cluster via "sudo /etc/init.d/postgres start" and then try and create a tablespace it fails with : create tablespace benchmark2 location '/eq5/pwbbench'; ERROR: could not set permissions on directory "/eq5/pwbbench": Permission denied -- however if I start the db as user postgres with: pg_ctl -D /var/lib/pgsql/data start and then create the tablespace it works. Likewise if I create the tablespace after starting the cluster via pg_ctl and then subsequently restart the db via 'sudo /etc/init.d/postgres start' I get errors trying to insert data into the previously created tablespace but if I start the cluster with pg_ctl (as user postgres) then I can also add data to the tablespace. I see that in the /etc/init.d/postgres file the start command is running the postmaster (not pg_ctl) as user postgres. So, based on the above I suspect Its a bug but I wanted to be sure. Thoughts?
Kevin Kempter <kevink@consistentstate.com> writes: > 4) Here's the weird part: > -- If I start the cluster via "sudo /etc/init.d/postgres start" and then try > and create a tablespace it fails with : > create tablespace benchmark2 location '/eq5/pwbbench'; > ERROR: could not set permissions on directory "/eq5/pwbbench": Permission > denied > -- however if I start the db as user postgres with: > pg_ctl -D /var/lib/pgsql/data start > and then create the tablespace it works. SELinux ... in the first case SELinux recognizes the postmaster as being a daemon it ought to restrict, in the second case it just thinks it's an interactive program. In general, using tablespaces under SELinux requires labeling their root directories properly; postgresql_db_t if memory serves. regards, tom lane
On 09/23/2009 04:30 PM, Tom Lane wrote: > Kevin Kempter <kevink@consistentstate.com> writes: >> 4) Here's the weird part: >> -- If I start the cluster via "sudo /etc/init.d/postgres start" and then try >> and create a tablespace it fails with : > >> create tablespace benchmark2 location '/eq5/pwbbench'; >> ERROR: could not set permissions on directory "/eq5/pwbbench": Permission >> denied > >> -- however if I start the db as user postgres with: > >> pg_ctl -D /var/lib/pgsql/data start >> and then create the tablespace it works. > > SELinux ... in the first case SELinux recognizes the postmaster as being > a daemon it ought to restrict, in the second case it just thinks it's > an interactive program. > > In general, using tablespaces under SELinux requires labeling their root > directories properly; postgresql_db_t if memory serves. > > regards, tom lane > from my notes about Selinux and postgresql under Fedora 11. try executing the following, in one line as root: semanage fcontext -a --seuser system_u -t postgresql_db_t '/eq5/pwbbench(/.*)?' and after: restorecon -R -v /eq5/pwbbench