Menu
Whenerver I start PostgreSQL using command:
$ sudo /etc/init.d/postgresql start Pg doesn't start up. The error reported is:
* Starting PostgreSQL 8.4 database server * The PostgreSQL server failed to start. Please check the log output: 2010-01-21 22:10:00 PST FATAL: private key file "server.key" has group or world access 2010-01-21 22:10:00 PST DETAIL: File must be owned by the database user or root, must have no write permission for "group", and must have no permissions for "other". ... and when I try to access psql as the postgres user with:
$ sudo su postgres $ psql it gives me an error:
could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"? 
221
Description. postgres is the PostgreSQL database server. In order for a client application to access a database it connects (over a network or locally) to a running postgres instance. The postgres instance then starts a separate server process to handle the connection.
I had solved it using ..
1) Enter the relevant directory (use> locate server.key)
2) Back up old server.key link.
3) Copy ssl-cert-snakeoil.key to server.key
4-5) Change its owner & group to postgres
6) Ensure the permissions are 700 or 740 (as requested by error message)
Recipe for my Ubuntu 12.04 & postgresql-8.3:
sudo cd /var/lib/postgresql/8.3/main/ sudo mv server.key server.key-0 sudo cp /etc/ssl/private/ssl-cert-snakeoil.key server.key sudo chown postgres server.key sudo chgrp postgres server.key sudo chmod 740 server.key sudo /etc/init.d/postgres-8.3 start And now its working ! Thanks for support.
98
How about not to hard copying the Server Key and leaving it where and like it is.
Instead it is simplier to:
Change the "server.key" link Permissions in PostgreSQL Data Directory (its the Location where the Link to the private certificate.key File resides)
# cd /var/lib/postgresql/9.1/main/
to
# chown -R postgres:postgres server.key` And make sure that the original Certificate in
# /etc/ssl/private/ssl-cert-snakeoil.key has those Properties, by Setting them
# chmod 640 ssl-cert-snakeoil.key # chown root:ssl-cert ssl-cert-snakeoil.key This Solution has been tested on Debian. Please remember that CentOS can use the SELinux with extended User Rights Management, which can be viewed by
# ls -laZ * If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
