CentOS 7 pg_ctl: could not access directory “/var/lib/pgsql/data”: Permission denied
PostgreSQL 10.6 and CentOS 7
pg_ctl status
pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`
Wouldn't pg_ctl
have access to this, given /var/lib/pgsql/data
has ownership postgres:postgres
?
drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
How can I fix this without creating a vulnerability? Why is this throwing an error?
Additional info (edit):
su - postgres
cd /var/lib
/var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
/var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
/var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data
postgresql centos7 pg-ctl
add a comment |
PostgreSQL 10.6 and CentOS 7
pg_ctl status
pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`
Wouldn't pg_ctl
have access to this, given /var/lib/pgsql/data
has ownership postgres:postgres
?
drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
How can I fix this without creating a vulnerability? Why is this throwing an error?
Additional info (edit):
su - postgres
cd /var/lib
/var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
/var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
/var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data
postgresql centos7 pg-ctl
add a comment |
PostgreSQL 10.6 and CentOS 7
pg_ctl status
pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`
Wouldn't pg_ctl
have access to this, given /var/lib/pgsql/data
has ownership postgres:postgres
?
drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
How can I fix this without creating a vulnerability? Why is this throwing an error?
Additional info (edit):
su - postgres
cd /var/lib
/var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
/var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
/var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data
postgresql centos7 pg-ctl
PostgreSQL 10.6 and CentOS 7
pg_ctl status
pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`
Wouldn't pg_ctl
have access to this, given /var/lib/pgsql/data
has ownership postgres:postgres
?
drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
How can I fix this without creating a vulnerability? Why is this throwing an error?
Additional info (edit):
su - postgres
cd /var/lib
/var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
/var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
/var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data
postgresql centos7 pg-ctl
postgresql centos7 pg-ctl
edited Nov 15 '18 at 16:33
Laurenz Albe
47.8k102748
47.8k102748
asked Nov 15 '18 at 8:32
Rich_FRich_F
4801519
4801519
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).
So it doesn't matter who owns pg_ctl
, but you have to be user postgres
when you run it.
My point was that I would thinkpg_ctl
would be the way of getting this to other users, instead of having to log in as thepostgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd bepostgres
. I just thought they would allow tools available to normal users, or at leastsu
.
– Rich_F
Nov 15 '18 at 16:51
1
What's wrong with usingpg_isready
?
– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db usingSHOW all;
.
– Rich_F
Nov 15 '18 at 17:13
add a comment |
This needs few troubleshooting steps to pinpoint the real issue.
- Find out the user/owner and files permissions for that location in Linux:
Ls - al /var/lib/pgsql/data/
ls - al /var/lib/pgsql/
Try to change to the postgres user and access the directory in 1
# su - postgres
Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible
https://wiki.postgresql.org/wiki/First_steps
https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04
Update
From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions
Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside/var/lib
. The database works. I just can't usepg_ctl status
due to the permissions that the install set itself. It's odd.
– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53315221%2fcentos-7-pg-ctl-could-not-access-directory-var-lib-pgsql-data-permission-de%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).
So it doesn't matter who owns pg_ctl
, but you have to be user postgres
when you run it.
My point was that I would thinkpg_ctl
would be the way of getting this to other users, instead of having to log in as thepostgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd bepostgres
. I just thought they would allow tools available to normal users, or at leastsu
.
– Rich_F
Nov 15 '18 at 16:51
1
What's wrong with usingpg_isready
?
– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db usingSHOW all;
.
– Rich_F
Nov 15 '18 at 17:13
add a comment |
In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).
So it doesn't matter who owns pg_ctl
, but you have to be user postgres
when you run it.
My point was that I would thinkpg_ctl
would be the way of getting this to other users, instead of having to log in as thepostgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd bepostgres
. I just thought they would allow tools available to normal users, or at leastsu
.
– Rich_F
Nov 15 '18 at 16:51
1
What's wrong with usingpg_isready
?
– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db usingSHOW all;
.
– Rich_F
Nov 15 '18 at 17:13
add a comment |
In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).
So it doesn't matter who owns pg_ctl
, but you have to be user postgres
when you run it.
In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).
So it doesn't matter who owns pg_ctl
, but you have to be user postgres
when you run it.
answered Nov 15 '18 at 16:31
Laurenz AlbeLaurenz Albe
47.8k102748
47.8k102748
My point was that I would thinkpg_ctl
would be the way of getting this to other users, instead of having to log in as thepostgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd bepostgres
. I just thought they would allow tools available to normal users, or at leastsu
.
– Rich_F
Nov 15 '18 at 16:51
1
What's wrong with usingpg_isready
?
– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db usingSHOW all;
.
– Rich_F
Nov 15 '18 at 17:13
add a comment |
My point was that I would thinkpg_ctl
would be the way of getting this to other users, instead of having to log in as thepostgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd bepostgres
. I just thought they would allow tools available to normal users, or at leastsu
.
– Rich_F
Nov 15 '18 at 16:51
1
What's wrong with usingpg_isready
?
– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db usingSHOW all;
.
– Rich_F
Nov 15 '18 at 17:13
My point was that I would think
pg_ctl
would be the way of getting this to other users, instead of having to log in as the postgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres
. I just thought they would allow tools available to normal users, or at least su
.– Rich_F
Nov 15 '18 at 16:51
My point was that I would think
pg_ctl
would be the way of getting this to other users, instead of having to log in as the postgres
user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres
. I just thought they would allow tools available to normal users, or at least su
.– Rich_F
Nov 15 '18 at 16:51
1
1
What's wrong with using
pg_isready
?– Laurenz Albe
Nov 15 '18 at 16:54
What's wrong with using
pg_isready
?– Laurenz Albe
Nov 15 '18 at 16:54
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
Nothing wrong with it. First time I've seen it, actually. Different result as well.
– Rich_F
Nov 15 '18 at 16:55
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
What exactly is your need?
– Laurenz Albe
Nov 15 '18 at 17:12
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using
SHOW all;
.– Rich_F
Nov 15 '18 at 17:13
Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using
SHOW all;
.– Rich_F
Nov 15 '18 at 17:13
add a comment |
This needs few troubleshooting steps to pinpoint the real issue.
- Find out the user/owner and files permissions for that location in Linux:
Ls - al /var/lib/pgsql/data/
ls - al /var/lib/pgsql/
Try to change to the postgres user and access the directory in 1
# su - postgres
Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible
https://wiki.postgresql.org/wiki/First_steps
https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04
Update
From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions
Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside/var/lib
. The database works. I just can't usepg_ctl status
due to the permissions that the install set itself. It's odd.
– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
add a comment |
This needs few troubleshooting steps to pinpoint the real issue.
- Find out the user/owner and files permissions for that location in Linux:
Ls - al /var/lib/pgsql/data/
ls - al /var/lib/pgsql/
Try to change to the postgres user and access the directory in 1
# su - postgres
Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible
https://wiki.postgresql.org/wiki/First_steps
https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04
Update
From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions
Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside/var/lib
. The database works. I just can't usepg_ctl status
due to the permissions that the install set itself. It's odd.
– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
add a comment |
This needs few troubleshooting steps to pinpoint the real issue.
- Find out the user/owner and files permissions for that location in Linux:
Ls - al /var/lib/pgsql/data/
ls - al /var/lib/pgsql/
Try to change to the postgres user and access the directory in 1
# su - postgres
Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible
https://wiki.postgresql.org/wiki/First_steps
https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04
Update
From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions
Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..
This needs few troubleshooting steps to pinpoint the real issue.
- Find out the user/owner and files permissions for that location in Linux:
Ls - al /var/lib/pgsql/data/
ls - al /var/lib/pgsql/
Try to change to the postgres user and access the directory in 1
# su - postgres
Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible
https://wiki.postgresql.org/wiki/First_steps
https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04
Update
From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions
Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..
edited Nov 15 '18 at 15:06
answered Nov 15 '18 at 13:47
Salah-1Salah-1
790914
790914
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside/var/lib
. The database works. I just can't usepg_ctl status
due to the permissions that the install set itself. It's odd.
– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
add a comment |
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside/var/lib
. The database works. I just can't usepg_ctl status
due to the permissions that the install set itself. It's odd.
– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside
/var/lib
. The database works. I just can't use pg_ctl status
due to the permissions that the install set itself. It's odd.– Rich_F
Nov 15 '18 at 13:54
Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside
/var/lib
. The database works. I just can't use pg_ctl status
due to the permissions that the install set itself. It's odd.– Rich_F
Nov 15 '18 at 13:54
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
Can u spit the outputs to show the owner?
– Salah-1
Nov 15 '18 at 14:01
In original post.
– Rich_F
Nov 15 '18 at 14:06
In original post.
– Rich_F
Nov 15 '18 at 14:06
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53315221%2fcentos-7-pg-ctl-could-not-access-directory-var-lib-pgsql-data-permission-de%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown