Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

PostgreSQL won't start: "server.key" has group or world access

Tags:

linux

postgresql

private-key

odoo

openerp

Whenerver I start PostgreSQL using command: 

$ sudo /etc/init.d/postgresql start

Pg doesn't start up. The error reported is:

 * Starting PostgreSQL 8.4 database server  * The PostgreSQL server failed to start. Please check the log output: 2010-01-21 22:10:00 PST FATAL: private key file "server.key" has group or world access 2010-01-21 22:10:00 PST DETAIL: File must be owned by the database user or root, must have no write permission for "group", and must have no permissions for "other".

... and when I try to access psql as the postgres user with: 

$ sudo su postgres $ psql

it gives me an error:

 could not connect to server: No such file or directory     Is the server running locally and accepting     connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
like image 221
Atul Arvind Avatar asked Aug 23 '12 08:08

Atul Arvind

People also ask

Does PostgreSQL have a server?

Description. postgres is the PostgreSQL database server. In order for a client application to access a database it connects (over a network or locally) to a running postgres instance. The postgres instance then starts a separate server process to handle the connection.

2 Answers

I had solved it using ..

1) Enter the relevant directory (use> locate server.key)

2) Back up old server.key link.

3) Copy ssl-cert-snakeoil.key to server.key

4-5) Change its owner & group to postgres

6) Ensure the permissions are 700 or 740 (as requested by error message)

Recipe for my Ubuntu 12.04 & postgresql-8.3:

sudo cd /var/lib/postgresql/8.3/main/ sudo mv server.key server.key-0 sudo cp /etc/ssl/private/ssl-cert-snakeoil.key server.key sudo chown postgres server.key sudo chgrp postgres server.key sudo chmod 740 server.key sudo /etc/init.d/postgres-8.3 start

And now its working ! Thanks for support.

like image 98
Atul Arvind Avatar answered Sep 19 '22 19:09

Atul Arvind

How about not to hard copying the Server Key and leaving it where and like it is.

Instead it is simplier to:

Change the "server.key" link Permissions in PostgreSQL Data Directory (its the Location where the Link to the private certificate.key File resides)

# cd /var/lib/postgresql/9.1/main/

to

# chown -R postgres:postgres server.key`

And make sure that the original Certificate in

# /etc/ssl/private/ssl-cert-snakeoil.key

has those Properties, by Setting them 

# chmod 640 ssl-cert-snakeoil.key # chown root:ssl-cert ssl-cert-snakeoil.key

This Solution has been tested on Debian. Please remember that CentOS can use the SELinux with extended User Rights Management, which can be viewed by 

# ls -laZ *
like image 42
ERF Avatar answered Sep 22 '22 19:09

ERF
Sign in to Comment

Related questions

How can I send a signal from a python program?
How to kill a running python process? [duplicate]
Error when trying to run .asm file on NASM on Ubuntu
How secure is storing password with Git?
What are the thread limitations when working on Linux compared to processes for network/IO-bound apps?
C : how can I change from file descriptor to FILE struct and vice versa?
Convert multipage PDF to a single image
C++ Socket Server - Unable to saturate CPU
sprintf_s was not declared in this scope
Linux Shell Script - String Comparison with wildcards
How to add shebang #! with php script on linux?
Find broken symlinks with Python
Find all writable files in the current directory
Adding users to sudoers through shell script
completely uninstall r linux
Default Jenkins User Password
Which command to use for checking whether python is 64bit or 32bit
Bash: Create a file if it does not exist, otherwise check to see if it is writeable
Running Nginx as non root user
Finding open file descriptors for a process linux ( C code )?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!