Package: postgresql-common
Version: 25
Severity: grave
Justification: causes non-serious data loss

After upgrade from version 23 postgres-8.0 fails to start with:

---8<---8<---
FATAL:  unsichere Berechtigungen für private Schlüsseldatei 
»/var/lib/postgresql/8.0/main/server.key«
DETAIL:  Die Datei muss dem Datenbankbenutzer gehören und keine Berechtigungen 
für »Gruppe« oder »Andere« haben.
---8<---8<---

I don't want to try it with other locale settings because I don't want
to lose more accounting data.
It says "insecure permissions" and wants the file to be owned by the
database user and have maximum permissions of 0700.

My permissions are:

---8<---8<---
# file: etc/ssl/private/server.tiwe.homelinux.org_key.pem
# owner: root
# group: root
user::r--
user:postgres:r--
user:Debian-exim:r--
group::---
mask::r--
other::---
---8<---8<---

(The key file is made immutable to keep cupsys from changing
permissions)

If postgres thinks the file is insecure it could issue a warning, but
refusing to start is NOT OK.

Finally I AM THE ADMIN and I know what I'm doing. I don't need any
program pretending to be more clever than me.

There was no warning to check permissions before upgrading, so I lost
accounting data (not serious, it costs me no money).


Timo Weingärtner

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12.2-swsusp2
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages postgresql-common depends on:
ii  adduser                       3.67       Add and remove users and groups

Versions of packages postgresql-common recommends:
ii  openssl                       0.9.7e-3   Secure Socket Layer (SSL) binary a

-- no debconf information
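
An added example, not part of the original report and not PostgreSQL's or the package's own code: a Python pre-upgrade check that applies the rule stated in the error message above (key file owned by the database user, no permissions for group or others). The function names, the choice of a stat() call that follows symlinks, and the temporary file in the demo are assumptions made for illustration.

```python
import os
import pwd
import stat
import tempfile


def owner_name(uid):
    """Map a uid to a user name, falling back to the number if unknown."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return str(uid)


def key_file_problems(path, db_user):
    """List the reasons the rule quoted in the error message rejects path."""
    st = os.stat(path)  # assumption: judge a symlinked key by its target
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    owner = owner_name(st.st_uid)
    if owner != db_user:
        problems.append(f"owned by {owner}, not {db_user}")
    # On a file with a POSIX ACL the group bits of st_mode hold the ACL
    # mask, so named-user entries with mask::r-- appear as group-readable.
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = stat.S_IMODE(st.st_mode)
        problems.append(f"mode {mode:04o} grants group/other access")
    return problems


if __name__ == "__main__":
    # Constructed sample: a temp file stands in for server.key.
    fd, key = tempfile.mkstemp()
    os.close(fd)
    me = owner_name(os.geteuid())
    for mode in (0o600, 0o440):
        os.chmod(key, mode)
        print(f"{mode:04o}", key_file_problems(key, me) or "ok")
    os.remove(key)
```
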
