CentOS 7 pg_ctl: could not access directory “/var/lib/pgsql/data”: Permission denied











up vote
1
down vote

favorite












PostgreSQL 10.6 and CentOS 7



pg_ctl status
pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`


Wouldn't pg_ctl have access to this, given /var/lib/pgsql/data has ownership postgres:postgres?



drwx------   3 postgres postgres   94 Nov 14 06:43 pgsql


How can I fix this without creating a vulnerability? Why is this throwing an error?



Additional info (edit):



su - postgres
cd /var/lib
/var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
/var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
/var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data









share|improve this question




























    up vote
    1
    down vote

    favorite












    PostgreSQL 10.6 and CentOS 7



    pg_ctl status
    pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`


    Wouldn't pg_ctl have access to this, given /var/lib/pgsql/data has ownership postgres:postgres?



    drwx------   3 postgres postgres   94 Nov 14 06:43 pgsql


    How can I fix this without creating a vulnerability? Why is this throwing an error?



    Additional info (edit):



    su - postgres
    cd /var/lib
    /var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
    /var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
    /var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data









    share|improve this question


























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      PostgreSQL 10.6 and CentOS 7



      pg_ctl status
      pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`


      Wouldn't pg_ctl have access to this, given /var/lib/pgsql/data has ownership postgres:postgres?



      drwx------   3 postgres postgres   94 Nov 14 06:43 pgsql


      How can I fix this without creating a vulnerability? Why is this throwing an error?



      Additional info (edit):



      su - postgres
      cd /var/lib
      /var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
      /var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
      /var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data









      share|improve this question















      PostgreSQL 10.6 and CentOS 7



      pg_ctl status
      pg_ctl: could not access directory "/var/lib/pgsql/data": Permission denied`


      Wouldn't pg_ctl have access to this, given /var/lib/pgsql/data has ownership postgres:postgres?



      drwx------   3 postgres postgres   94 Nov 14 06:43 pgsql


      How can I fix this without creating a vulnerability? Why is this throwing an error?



      Additional info (edit):



      su - postgres
      cd /var/lib
      /var/lib/pgsql: drwx------ 3 postgres postgres 94 Nov 14 06:43 pgsql
      /var/lib/pgsql/10: drwx------ 4 postgres postgres 33 Nov 14 06:38 10
      /var/lib/pgsql/10/data: drwx------ 20 postgres postgres 4096 Nov 15 03:47 data






      postgresql centos7 pg-ctl






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 15 at 16:33









      Laurenz Albe

      43.6k92746




      43.6k92746










      asked Nov 15 at 8:32









      Rich_F

      4441518




      4441518
























          2 Answers
          2






          active

          oldest

          votes

















          up vote
          1
          down vote



          accepted










          In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).



          So it doesn't matter who owns pg_ctl, but you have to be user postgres when you run it.






          share|improve this answer





















          • My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
            – Rich_F
            Nov 15 at 16:51








          • 1




            What's wrong with using pg_isready?
            – Laurenz Albe
            Nov 15 at 16:54










          • Nothing wrong with it. First time I've seen it, actually. Different result as well.
            – Rich_F
            Nov 15 at 16:55










          • What exactly is your need?
            – Laurenz Albe
            Nov 15 at 17:12










          • Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
            – Rich_F
            Nov 15 at 17:13


















          up vote
          1
          down vote













          This needs few troubleshooting steps to pinpoint the real issue.




          1. Find out the user/owner and files permissions for that location in Linux:



          Ls - al /var/lib/pgsql/data/


          ls - al /var/lib/pgsql/






          1. Try to change to the postgres user and access the directory in 1



            # su - postgres




          Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible



          https://wiki.postgresql.org/wiki/First_steps



          https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04



          Update



          From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions



          Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..






          share|improve this answer























          • Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
            – Rich_F
            Nov 15 at 13:54










          • Can u spit the outputs to show the owner?
            – Salah-1
            Nov 15 at 14:01










          • In original post.
            – Rich_F
            Nov 15 at 14:06











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53315221%2fcentos-7-pg-ctl-could-not-access-directory-var-lib-pgsql-data-permission-de%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          1
          down vote



          accepted










          In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).



          So it doesn't matter who owns pg_ctl, but you have to be user postgres when you run it.






          share|improve this answer





















          • My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
            – Rich_F
            Nov 15 at 16:51








          • 1




            What's wrong with using pg_isready?
            – Laurenz Albe
            Nov 15 at 16:54










          • Nothing wrong with it. First time I've seen it, actually. Different result as well.
            – Rich_F
            Nov 15 at 16:55










          • What exactly is your need?
            – Laurenz Albe
            Nov 15 at 17:12










          • Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
            – Rich_F
            Nov 15 at 17:13















          up vote
          1
          down vote



          accepted










          In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).



          So it doesn't matter who owns pg_ctl, but you have to be user postgres when you run it.






          share|improve this answer





















          • My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
            – Rich_F
            Nov 15 at 16:51








          • 1




            What's wrong with using pg_isready?
            – Laurenz Albe
            Nov 15 at 16:54










          • Nothing wrong with it. First time I've seen it, actually. Different result as well.
            – Rich_F
            Nov 15 at 16:55










          • What exactly is your need?
            – Laurenz Albe
            Nov 15 at 17:12










          • Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
            – Rich_F
            Nov 15 at 17:13













          up vote
          1
          down vote



          accepted







          up vote
          1
          down vote



          accepted






          In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).



          So it doesn't matter who owns pg_ctl, but you have to be user postgres when you run it.






          share|improve this answer












          In UNIX, each process runs with the permissions of the user that starts the executable, not the owner of the executable (unless the SETUID flag is set).



          So it doesn't matter who owns pg_ctl, but you have to be user postgres when you run it.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 15 at 16:31









          Laurenz Albe

          43.6k92746




          43.6k92746












          • My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
            – Rich_F
            Nov 15 at 16:51








          • 1




            What's wrong with using pg_isready?
            – Laurenz Albe
            Nov 15 at 16:54










          • Nothing wrong with it. First time I've seen it, actually. Different result as well.
            – Rich_F
            Nov 15 at 16:55










          • What exactly is your need?
            – Laurenz Albe
            Nov 15 at 17:12










          • Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
            – Rich_F
            Nov 15 at 17:13


















          • My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
            – Rich_F
            Nov 15 at 16:51








          • 1




            What's wrong with using pg_isready?
            – Laurenz Albe
            Nov 15 at 16:54










          • Nothing wrong with it. First time I've seen it, actually. Different result as well.
            – Rich_F
            Nov 15 at 16:55










          • What exactly is your need?
            – Laurenz Albe
            Nov 15 at 17:12










          • Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
            – Rich_F
            Nov 15 at 17:13
















          My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
          – Rich_F
          Nov 15 at 16:51






          My point was that I would think pg_ctl would be the way of getting this to other users, instead of having to log in as the postgres user to see what the status is of the db server. It's a bit odd to jump through those hoops. Ah but then again, in a db-only deployment, that's probably the case I'd be postgres. I just thought they would allow tools available to normal users, or at least su.
          – Rich_F
          Nov 15 at 16:51






          1




          1




          What's wrong with using pg_isready?
          – Laurenz Albe
          Nov 15 at 16:54




          What's wrong with using pg_isready?
          – Laurenz Albe
          Nov 15 at 16:54












          Nothing wrong with it. First time I've seen it, actually. Different result as well.
          – Rich_F
          Nov 15 at 16:55




          Nothing wrong with it. First time I've seen it, actually. Different result as well.
          – Rich_F
          Nov 15 at 16:55












          What exactly is your need?
          – Laurenz Albe
          Nov 15 at 17:12




          What exactly is your need?
          – Laurenz Albe
          Nov 15 at 17:12












          Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
          – Rich_F
          Nov 15 at 17:13




          Just tripped over the process thinking it would give me lots of feedback including variables displayed inside the db using SHOW all;.
          – Rich_F
          Nov 15 at 17:13












          up vote
          1
          down vote













          This needs few troubleshooting steps to pinpoint the real issue.




          1. Find out the user/owner and files permissions for that location in Linux:



          Ls - al /var/lib/pgsql/data/


          ls - al /var/lib/pgsql/






          1. Try to change to the postgres user and access the directory in 1



            # su - postgres




          Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible



          https://wiki.postgresql.org/wiki/First_steps



          https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04



          Update



          From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions



          Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..






          share|improve this answer























          • Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
            – Rich_F
            Nov 15 at 13:54










          • Can u spit the outputs to show the owner?
            – Salah-1
            Nov 15 at 14:01










          • In original post.
            – Rich_F
            Nov 15 at 14:06















          up vote
          1
          down vote













          This needs few troubleshooting steps to pinpoint the real issue.




          1. Find out the user/owner and files permissions for that location in Linux:



          Ls - al /var/lib/pgsql/data/


          ls - al /var/lib/pgsql/






          1. Try to change to the postgres user and access the directory in 1



            # su - postgres




          Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible



          https://wiki.postgresql.org/wiki/First_steps



          https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04



          Update



          From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions



          Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..






          share|improve this answer























          • Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
            – Rich_F
            Nov 15 at 13:54










          • Can u spit the outputs to show the owner?
            – Salah-1
            Nov 15 at 14:01










          • In original post.
            – Rich_F
            Nov 15 at 14:06













          up vote
          1
          down vote










          up vote
          1
          down vote









          This needs few troubleshooting steps to pinpoint the real issue.




          1. Find out the user/owner and files permissions for that location in Linux:



          Ls - al /var/lib/pgsql/data/


          ls - al /var/lib/pgsql/






          1. Try to change to the postgres user and access the directory in 1



            # su - postgres




          Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible



          https://wiki.postgresql.org/wiki/First_steps



          https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04



          Update



          From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions



          Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..






          share|improve this answer














          This needs few troubleshooting steps to pinpoint the real issue.




          1. Find out the user/owner and files permissions for that location in Linux:



          Ls - al /var/lib/pgsql/data/


          ls - al /var/lib/pgsql/






          1. Try to change to the postgres user and access the directory in 1



            # su - postgres




          Following links should fill in blanks for few steps to check things out. On #2 link, you aren’t moving the dir, but you see steps to ensure dir is ready/accessible



          https://wiki.postgresql.org/wiki/First_steps



          https://www.digitalocean.com/community/tutorials/how-to-move-a-postgresql-data-directory-to-a-new-location-on-ubuntu-16-04



          Update



          From comments, it looks like pg ctl is run as user x... and lacks sufficient permissions



          Without knowing much about your environment, it may be better to let postgres be that user who runs pg ctl since it’s already doing stuff related..







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 15 at 15:06

























          answered Nov 15 at 13:47









          Salah-1

          770914




          770914












          • Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
            – Rich_F
            Nov 15 at 13:54










          • Can u spit the outputs to show the owner?
            – Salah-1
            Nov 15 at 14:01










          • In original post.
            – Rich_F
            Nov 15 at 14:06


















          • Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
            – Rich_F
            Nov 15 at 13:54










          • Can u spit the outputs to show the owner?
            – Salah-1
            Nov 15 at 14:01










          • In original post.
            – Rich_F
            Nov 15 at 14:06
















          Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
          – Rich_F
          Nov 15 at 13:54




          Sorry, I think you've missed what I put. It is owned postgres:postgres. I stated that in the original post. pg_ctl is run as rich and it can't see inside /var/lib. The database works. I just can't use pg_ctl status due to the permissions that the install set itself. It's odd.
          – Rich_F
          Nov 15 at 13:54












          Can u spit the outputs to show the owner?
          – Salah-1
          Nov 15 at 14:01




          Can u spit the outputs to show the owner?
          – Salah-1
          Nov 15 at 14:01












          In original post.
          – Rich_F
          Nov 15 at 14:06




          In original post.
          – Rich_F
          Nov 15 at 14:06


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53315221%2fcentos-7-pg-ctl-could-not-access-directory-var-lib-pgsql-data-permission-de%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          How to change which sound is reproduced for terminal bell?

          Can I use Tabulator js library in my java Spring + Thymeleaf project?

          Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents