[英]ssl file permission on postgresql 14 is not right
在 postgresql 14 上啟用 ssl 后,啟動 Postgres 服務器時出現錯誤:
2022-05-13 00:09:39.791 CST [938050] FATAL: private key file "/etc/postgresql/14/main/server.key" has group or world access
2022-05-13 00:23:09.163 CST [938097] DETAIL: File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root.
我所做的是按照上面的提示和chmod 640 server.key
。 這是chmod
之后的當前權限輸出(似乎只刪除了組的 r)
-rw-r--r-- 1 root root 2727 May 13 00:08 server.crt
-rw-r----- 1 root root 3323 May 13 00:08 server.csr
-rw-r----- 1 root root 1704 May 13 00:08 server.key
但是重啟 Postgres 服務器還是有錯誤:
2022-05-13 00:38:09.331 CST [938235] FATAL: could not load private key file "/etc/postgresql/14/main/server.key": Permission denied
2022-05-13 00:38:09.331 CST [938235] LOG: database system is shut down
pg_ctl: could not start server
ssl 文件權限在這里缺少什么?
首先,將所有文件的所有權更改為 PostgreSQL 用戶:
chown postgres server.crt server.key server.csr
然后從私鑰文件中刪除組的讀取權限:
chmod g-r server.key
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.