postgresql archive permission denied

Time:11-16

We have installed Postgres v12 on Ubuntu 20.04 (with apt install -y postgresql postgresql-contrib) and wish to enable archiving to /data/db/postgres/archive by setting the following in postgresql.conf:

max_wal_senders=2
wal_keep_segments=256
wal_sender_timeout=60s
archive_mode=on
archive_command=cp %p /data/db/postgres/archive/%f

However the postgres service fails to write there:

2022-11-15 15:02:26.212 CET [392860] FATAL:  archive command failed with exit code 126
2022-11-15 15:02:26.212 CET [392860] DETAIL:  The failed archive command was: archive_command=cp pg_wal/000000010000000000000002 /data/db/postgres/archive/000000010000000000000002
2022-11-15 15:02:26.213 CET [392605] LOG:  archiver process (PID 392860) exited with exit code 1
sh: 1: pg_wal/000000010000000000000002: Permission denied

This directory /data/db/postgres/archive/ is owned by the postgres user and when we su postgres we are able to create and delete files without a problem.

Why can the postgresql service (running as postgres) not write to a directory it owns?

Here are the permissions on all the parents of the archive directory:

drwxr-xr-x 2 postgres root 6 Nov 15 14:59 /data/db/postgres/archive
drwxr-xr-x 3 root root 21 Nov 15 14:29 /data/db/postgres
drwxr-xr-x 3 root root 22 Nov 15 14:29 /data/db
drwxr-xr-x 5 root root 44 Nov 15 14:29 /data

CodePudding user response:

2022-11-15 15:02:26.212 CET [392860] DETAIL: The failed archive command was: archive_command=cp pg_wal/000000010000000000000002 /data/db/postgres/archive/000000010000000000000002

So, your archive_command is apparently set to the peculiar string archive_command=cp %p /data/db/postgres/archive/%f.

After the %variables are substituted, the result is passed to the shell. The shell does what it was told, which is to set the (unused) environment variable 'archive_command' to be 'cp', and then tries to execute the file pg_wal/000000010000000000000002, which it is not allowed to do because the file doesn't have the execute bit set.

I don't know how you managed to get such a deformed archive_command, but it didn't come from anything you showed us.
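
The shell behaviour described in this answer can be reproduced outside PostgreSQL. The script below is an added example, not part of the original thread: it builds a constructed sandbox (the relative `archive/` directory stands in for /data/db/postgres/archive, and the helper names `setup_sandbox`, `expand` and `run_archive` are hypothetical), expands %p and %f, and runs the malformed value from the log beside a working command that also refuses to overwrite an existing segment.

```shell
#!/bin/sh
# Constructed sandbox: a fake WAL segment plus an archive directory.
# "archive/" stands in for /data/db/postgres/archive from the question.
setup_sandbox() {
    SANDBOX=$(mktemp -d)
    SEG=000000010000000000000002
    mkdir -p "$SANDBOX/pg_wal" "$SANDBOX/archive"
    printf 'constructed WAL bytes\n' > "$SANDBOX/pg_wal/$SEG"
    chmod 600 "$SANDBOX/pg_wal/$SEG"   # WAL segments carry no execute bit
}

# Replace %p and %f in the template, as happens before the shell sees it.
expand() {
    printf '%s' "$1" | sed -e "s|%p|pg_wal/$SEG|g" -e "s|%f|$SEG|g"
}

# Run the expanded string with sh -c from the sandbox (standing in for the
# data directory) and print the shell's exit status.
run_archive() {
    rc=0
    ( cd "$SANDBOX" && sh -c "$(expand "$1")" ) 2>/dev/null || rc=$?
    echo "$rc"
}

BAD='archive_command=cp %p archive/%f'           # value seen in the log
GOOD='test ! -f archive/%f && cp %p archive/%f'  # refuses to overwrite

setup_sandbox
# The shell reads BAD as "assign archive_command=cp, then execute the segment".
echo "malformed value: exit $(run_archive "$BAD")"
echo "first archive:   exit $(run_archive "$GOOD")"
# Non-zero on the repeat, because the segment is already in the archive.
echo "repeat archive:  exit $(run_archive "$GOOD")"
rm -rf "$SANDBOX"
```

In postgresql.conf the working value is written quoted, for example archive_command = 'test ! -f /data/db/postgres/archive/%f && cp %p /data/db/postgres/archive/%f', so that the parameter name is never part of the string handed to the shell.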
