On Mon, April 23, 2012 3:21 pm, nap...@squareownz.org wrote: > I'm unsure if I should be posting this to the -hardened mailing list as > I'm using the hardened profile but all of a sudden I'm getting a rather > strange error when trying to start postgres. > > # /etc/init.d/postgresql-9.1 start > * Caching service dependencies ... [ > ok ] > * The following file(s) are not readable by 'postgres': > * /etc/postgresql-9.1/postgresql.conf > * /etc/postgresql-9.1/pg_ident.conf > * /etc/postgresql-9.1/pg_hba.conf > * HINT: Try: 'chmod 644 /etc/postgresql-9.1/*.conf' > * ERROR: postgresql-9.1 failed to start > > That's what I'm getting when I attempt to start it and I don't seem to > have modified anything. > > Looking into the init script I can see it's doing su postgres -c "test -r > /etc/postgresql-9.1/pg_hba.conf" and the like but the output of: > su postgres -c "test -r /etc/postgresql-9.1/pg_hba.conf" || echo "fail" > is fail... so I'm quite at a loss as to what could be going on here. All > of the files are owned by postgres, have the correct permissions (I ran > chmod 644 as it hinted) and it should be able to traverse to the directory > as everything has the execute bit from /etc onwards. > > Any tips?
I don't have much experience with Hardenened, but are you certain that any permissions (including ACLs) are set correctly for PostgreSQL to access all its files? Do you have "sec-policy/selinux-postgresql" installed? And did you re-emerge this after the update? -- Joost