Hi Christoph, Thanks for looking into this. I've managed to bash the original container into installing the cluster, so it can't be used to properly debug this. I've just setup a new one, as described in the original bug report, so I can show you my findings.
In the clean install, "apt-get install postgresql" exhibits the error described in the bug. >From here: root@debian-db:~# su - postgres postgres@debian-db:~$ /bin/sh $ exit postgres@debian-db:~$ cat /etc/postgresql/9.4/main/postgresql.conf cat: /etc/postgresql/9.4/main/postgresql.conf: Permission denied postgres@debian-db:~$ ls -lah /etc/ | grep postgresql drwxr-x---+ 3 root root 4.0K Aug 17 08:49 postgresql drwxr-xr-x+ 3 root root 4.0K Aug 17 08:47 postgresql-common postgres@debian-db:~$ exit So, postgres seems able to execute /bin/sh just fine, but can't read the postgresql.conf file, in line with the file permissions. root@debian-db:~# pg_dropcluster 9.4 main root@debian-db:~# chown postgres /etc/postgresql root@debian-db:~# cd /tmp && pg_createcluster 9.4 main Creating new cluster 9.4/main ... config /etc/postgresql/9.4/main data /var/lib/postgresql/9.4/main locale en_US.UTF-8 Flags of /var/lib/postgresql/9.4/main set as -------------e-C Warning: The socket directory for owners other than 'postgres' defaults to /tmp. You might want to change the unix_socket_directories parameter in postgresql.conf to a more secure directory. Error: could not open /etc/postgresql/9.4/main/postgresql.conf for reading at /usr/share/perl5/PgCommon.pm line 194. Can't exec "/bin/sh": Permission denied at /usr/bin/pg_createcluster line 590. Same error. Strangely, now: root@debian-db:/tmp# su - postgres postgres@debian-db:~$ cat /etc/postgresql/9.4/main/postgresql.conf [postgresql.conf content here] So, the only option is a wrong error message. If I edit the relevant section in /usr/bin/pg_createcluster, I can get it to work. On line 417, there's this content: set_cluster_socketdir $version, $cluster, $socketdir if $socketdir; $> = $orig_euid; $) = $orig_egid; Change it to: $> = $orig_euid; $) = $orig_egid; set_cluster_socketdir $version, $cluster, $socketdir if $socketdir; (i.e. Run the config change as root, not as postgres, which is consistent with the rest of the script). I think the error reported by PgCommon.pm is wrong. It can't *write* the conf file, not *read*. After the change, "pg_createcluster 9.4 main" runs just fine. Now, for the cherry on top. The cluster won't start: root@debian-db:/tmp# systemctl start postgresql@9.4-main.service Job for postgresql@9.4-main.service failed because the control process exited with error code. See "systemctl status postgresql@9.4-main.service" and "journalctl -xe" for details. systemctl status doesn't give any interesting info: root@debian-db:/tmp# systemctl status postgresql@9.4-main.service ● postgresql@9.4-main.service - PostgreSQL Cluster 9.4-main Loaded: loaded (/lib/systemd/system/postgresql@.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mon 2015-08-17 09:09:28 UTC; 35s ago Process: 3198 ExecStart=postgresql@%i %i start (code=exited, status=1/FAILURE) Aug 17 09:08:57 debian-db systemd[1]: Starting PostgreSQL Cluster 9.4-main... Aug 17 09:09:28 debian-db postgresql@9.4-main[3198]: The PostgreSQL server failed to start. Please check the log output. Aug 17 09:09:28 debian-db systemd[1]: postgresql@9.4-main.service: Control process exited, code=exited status=1 Aug 17 09:09:28 debian-db systemd[1]: Failed to start PostgreSQL Cluster 9.4-main. Aug 17 09:09:28 debian-db systemd[1]: postgresql@9.4-main.service: Unit entered failed state. Aug 17 09:09:28 debian-db systemd[1]: postgresql@9.4-main.service: Failed with result 'exit-code'. But it is again a question of permissions. /var/log/postgresql is owned by root:postgres with permissions rwxrwxr-t. Within, postgresql-9.4-main.log is owned by postgres:adm with permissions rw-r-----. It should work, but postgresql complains it can't write to its log. I suppose the temporary flag in the log directory may cause strange behaviour when the log file is accessed by a different user/group pair (postgres:postgres vs postgres:adm). root@debian-db:/tmp# rm -Rf /var/log/postgresql/; mkdir /var/log/postgresql/; chown postgres:postgres /var/log/postgresql/ root@debian-db:/tmp# systemctl start postgresql@9.4-main.service root@debian-db:/tmp# echo $? 0 Sorry for the long mail. It was inevitable. It seems pg_createcluster is actually wrong, the configuration change should be done as root (from what I infer from the rest of the script). However, something in debian triggered this, as it didn't use to happen (I last did this operation over a year ago, so my the bisection is not much use, really). If you need to play around with this install, I can try and get this container online and accessible to you. Tell me if you need me to. Cheers, -- Sérgio Carvalho On Fri, Aug 14, 2015 at 6:34 PM, Christoph Berg <m...@debian.org> wrote: > Control: tags -1 moreinfo > > Re: Sergio Carvalho 2015-08-13 > <20150813184358.3021.68521.reportbug@profissional-db> > > The installer produces this output: > > > > Setting up postgresql-9.4 (9.4.4-1) ... > > Creating new cluster 9.4/main ... > > config /etc/postgresql/9.4/main > > data /var/lib/postgresql/9.4/main > > locale en_US.UTF-8 > > Flags of /var/lib/postgresql/9.4/main set as -------------e-C > > Warning: The socket directory for owners other than 'postgres' > > defaults to /tmp. You might want to change the unix_socket_directories > parameter > > in postgresql.conf to a more secure directory. > > Error: could not open /etc/postgresql/9.4/main/postgresql.conf for > reading at /usr/share/perl5/PgCommon.pm line 194. > > Can't exec "/bin/sh": Permission denied at /usr/bin/pg_createcluster > line 590. > > Hi Sergio, > > to me it seems the /bin/sh error is the root of the problem. Could you > check what's up with that? If that's broken it's no wonder the > utilities fail in some way. > > Christoph > -- > c...@df7cb.de | http://www.df7cb.de/ > -- Sérgio Carvalho
