| From: | Christoph Berg <myon(at)debian(dot)org> |
|---|---|
| To: | PostgreSQL in Debian <pgsql-pkg-debian(at)postgresql(dot)org> |
| Subject: | Regression in recovery mode (Re: postgresql-9.1 updated to version 9.1.16-1.pgdg+1) |
| Date: | 2015-05-23 20:44:35 |
| Message-ID: | 20150523204435.GC28106@msg.df7cb.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-pkg-debian |
Re: To PostgreSQL in Debian 2015-05-22 <E1YvmXn-0000PK-5b(at)atalia(dot)postgresql(dot)org>
> The package postgresql-9.1 was updated on apt.postgresql.org:
>
> New version 9.1.16-1.pgdg+1:
Hi,
we do have a problem in recovery mode now:
http://www.postgresql.org/message-id/20150523172627.GA24277@msg.df7cb.de
In versions 9.1 and earlier, by default symlinks
/var/lib/postgresql/*/*/server.crt and .key to /etc/ssl/ are created.
The symlink targets are owned by root and only readable for the
postgres user. These cause server recovery with the new versions to
fail.
Possible workarounds are:
* Replace the symlinks by the files pointed to and make them writable
for postgres
* Make the files in /etc/ssl/ writable for postgres (NOT RECOMMENDED)
* Disable SSL and remove the symlinks (not the best idea either)
* Downgrade
Versions 9.2 and later are also affected (any file not writable by the
postgres user is bad), but the default disk layout does not contain
these problematic symlinks.
We are looking into providing fixed packages ASAP.
Christoph
--
cb(at)df7cb(dot)de | http://www.df7cb.de/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christoph Berg | 2015-05-25 18:44:07 | Re: pgtap in our apt repo |
| Previous Message | apt.postgresql.org repository | 2015-05-23 20:23:20 | postgresql-common updated to version 168.pgdg+1 |