I am provisioning a postgresql server on an TinyCore64 machine and there are some files and folders that cannot be accessed by the user postgres despite the fact that I have changed the permissions, ownership and group of everything. Here are the commands and the folder structure:
sudo -u postgres ls /etc/ssl/
# success
# Permissions: drwxr-xr-x 6 root root
sudo -u postgres ls /etc/ssl/private
# ls: cannot open directory /etc/ssl/private/: Permission denied
# Permissions: drwxr-xr-x 2 postgres postgres
I am stumped. What am I doing wrong?
Edit:
Posted the exact transcript.
root@121e7b1cdaa4:~# sudo -u postgres ls -al /etc/ssl
total 28
drwxr-xr-x 6 root root 4096 Jun 12 08:33 .
drwxr-xr-x 161 root root 4096 Jun 12 08:33 ..
drwxr-xr-x 2 root root 4096 Jun 12 08:33 certs
-rw-r--r-- 1 root root 10835 May 2 20:29 openssl.cnf
drwxr-xr-x 2 postgres postgres 4096 Jun 12 08:33 private
root@121e7b1cdaa4:~# sudo -u postgres ls -al /etc/ssl/private/
ls: cannot open directory /etc/ssl/private/: Permission denied
Edit:
posted the strace output:
root@121e7b1cdaa4:~# strace -f sudo -u postgres ls -al /etc/ssl/private/
....
[pid 4270] close(3) = 0
[pid 4270] openat(AT_FDCWD, "/etc/ssl/private/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = -1 EACCES (Permission denied)
[pid 4270] write(2, "ls: ", 4ls: ) = 4
[pid 4270] write(2, "cannot open directory /etc/ssl/p"..., 39cannot open directory /etc/ssl/private/) = 39
[pid 4270] write(2, ": Permission denied", 19: Permission denied) = 19
[pid 4270] write(2, "\n", 1
) = 1
....
Check permissions on "/etc/ssl" directory - it seems that 'postgres' user on your system does not have 'rx' rights somewhere on the full path to the target.
It should be smth like :
kaa@aknb5:~$ ls -l /etc/ |grep ssl
drwxr-xr-x 4 root root 4096 Jun 13 11:00 ssl
kaa@aknb5:~$ uname -a
Linux aknb5 3.2.0-61-generic-pae #93-Ubuntu SMP Fri May 2 21:46:08 UTC 2014 i686 i686 i386 GNU/Linux
kaa@aknb5:~$
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.