| From: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
|---|---|
| To: | Rob Sargent <robjsargent(at)gmail(dot)com> |
| Cc: | Mike Christensen <mike(at)kitchenpc(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Postgres won't start after setting ssl=on |
| Date: | 2010-10-10 19:01:08 |
| Message-ID: | AANLkTinTCrXFH-AK5d0XE2xuBKE9KZMSMvvCY=_Gw2QW@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Postgres cannot run as root.
On Sun, Oct 10, 2010 at 9:40 AM, Rob Sargent <robjsargent(at)gmail(dot)com> wrote:
> Does postgres run as root or as the postgres user. I suspect you want
> postgres to own that file.
>
> Mike Christensen wrote:
>>
>> Hi, I'm trying to require SSL for Postgres connections from certain
>> IPs.. This is on Postgres 9.0.
>>
>> First, I've followed the directions at:
>>
>> http://www.postgresql.org/docs/9.0/static/ssl-tcp.html
>>
>> I've created the files server.crt and server.key. I've also removed
>> the passphrase from the key so Postgres can start automatically.
>> Finally, I ran:
>>
>> chmod 0600 server.key
>>
>> The permissions on server.key are now:
>>
>> -rw------- 1 root root 887 Oct 10 03:42 server.key
>>
>> However, when I set ssl = on in postgresql.conf and start the server,
>> I get the logged error:
>>
>> 2010-10-10 03:47:07 UTC FATAL: could not load private key file
>> "server.key": Permission denied
>>
>> I'm logged on as root. Any ideas? Thanks!
>>
>> Mike
>>
>>
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
To understand recursion, one must first understand recursion.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2010-10-10 20:46:56 | IEEE 754-2008 decimal numbers |
| Previous Message | Rob Sargent | 2010-10-10 15:40:23 | Re: Postgres won't start after setting ssl=on |