From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SMKW7-0000Gk-2I for garchives@archives.gentoo.org; Mon, 23 Apr 2012 14:45:28 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1EFE2E0D34; Mon, 23 Apr 2012 14:45:02 +0000 (UTC) Received: from mail2.viabit.com (mail2.viabit.com [65.246.80.16]) by pigeon.gentoo.org (Postfix) with ESMTP id 6EEA7E0D20 for ; Mon, 23 Apr 2012 14:43:19 +0000 (UTC) Received: from [10.1.1.204] (unknown [65.213.236.244]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail2.viabit.com (Postfix) with ESMTPSA id ED68D37B79 for ; Mon, 23 Apr 2012 10:43:18 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=orlitzky.com; s=mail2; t=1335192198; bh=d7eB4YaQUKJf7HCGbjH7BGo+ayqRDocyqt5Xi9dz05k=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=rNwVGVkF1Pyap7IJXTZyR8S+dS9MK0YoIHOWOMNI3xMAoE5KExefdsiVN75WRD8Su meXr1/e81aobMHjGMTJ3gHS0Fo3BlWfx+1SJQVF4UbrzE3J5i1+qP/sYVmLh3faZeh fshNJnMI40B1ipURErtNxi1u1OgsoeJKKjia0wGQ= Message-ID: <4F956A86.8060105@orlitzky.com> Date: Mon, 23 Apr 2012 10:43:18 -0400 From: Michael Orlitzky User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120320 Thunderbird/10.0.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Postgres suddenly can't access files in its /etc directory References: <20120423132130.GA11404@squareownz.org> In-Reply-To: <20120423132130.GA11404@squareownz.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 1642f83b-7396-41fc-ba25-aad3c5c5fd91 X-Archives-Hash: 1c9ff2dbc9f29de2cc7e45035fce823a On 04/23/12 09:21, napalm@squareownz.org wrote: > I'm unsure if I should be posting this to the -hardened mailing list as > I'm using the hardened profile but all of a sudden I'm getting a rather > strange error when trying to start postgres. > > # /etc/init.d/postgresql-9.1 start > * Caching service dependencies ... [ ok ] > * The following file(s) are not readable by 'postgres': > * /etc/postgresql-9.1/postgresql.conf > * /etc/postgresql-9.1/pg_ident.conf > * /etc/postgresql-9.1/pg_hba.conf > * HINT: Try: 'chmod 644 /etc/postgresql-9.1/*.conf' > * ERROR: postgresql-9.1 failed to start > > That's what I'm getting when I attempt to start it and I don't seem to have modified anything. > > Looking into the init script I can see it's doing su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" and the like but the output of: > su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" || echo "fail" > is fail... so I'm quite at a loss as to what could be going on here. All of the files are owned by postgres, have the correct permissions (I ran chmod 644 as it hinted) and it should be able to traverse to the directory as everything has the execute bit from /etc onwards. > You can `su postgres` and then try to read the files yourself. That should reveal the problem.