Problem
A new installation of PostgreSQL 9.0.3 running on Linux Server 5.4 does not seem to be running: applications are not able to access it. You check the status of the Postgresql-9.0 service and see the following:
Resolution
Step 1: Perform Status Checks
This problem is likely due to the Linux Server's SELinux Current Enforcing Mode property being set to Enforcing. First let's run a few checks to see if this might be the case. Open a terminal, and then enter each of the following commands:
You can also do this step by using the SELinux Management GUI tool. From the System menu go to Administration and then select SELinux Management:
The SELinux Administration tool window appears.
The Current Enforcing Mode property setting will be displayed. This completes status check. Next, let's implement a temporary fix to get integrated applications up and running quickly.
Step 2: Implement Temporary Fix
Temporarily disable enforcement, and then check the status of this property once again. At the prompt, enter the following commands:
Or, if you would rather use the GUI, on the SELinux Administration tool, just change the Current Enforcing Mode property setting from Enforcing to Permissive, like so:
Close the SELinux Administration tool.
Next, restart the Postgresql-9.0 service. From the terminal prompt, enter the following command:
If you want to do this from a GUI, then from the System menu, go to Administration, and then select Services. The Service Configuration window appears.
Scroll the left list pane down until you see the postgresql-9.0 service. When you see this service, select it. Now look at the right Status pane. The current status information associated with the selected service appears there. You should see something like that shown in the figure below:
Click on the Start button just above the service list pane on the left. After a few moments, an information prompt will appear indicating successful startup:
And if you look in the Status pane again, you'll see a new message:
Step 3: Implement Permanent Fix
At this point, your PostgreSQL instance is up and running and accessible by your other integrated applications. However, should the Linux server hosting this instance be shutdown and restarted, you'll go through all of this all over again. To implement a permanent fix, you'll need to edit the SELinux Config file. Enter the following commands:
Change the setting of the SELINUX property from enforcing to permissive, like so:
Save and exit gedit. That's it. You're done. As a final test, reboot the system, and then check postgresql-9.0 service status: this time it will be running after a reboot.
References
A new installation of PostgreSQL 9.0.3 running on Linux Server 5.4 does not seem to be running: applications are not able to access it. You check the status of the Postgresql-9.0 service and see the following:
/opt/PostgresPlus/9.0SS/bin/pg_ctl: error while loading shared libraries:You'll resolve this error in three distinct steps: 1) perform status check; 2) implement a temporary fix; and 3) implement a permanent fix. You will be shown how to perform each step both from the command line and using the appropriate GUI tool.
/opt/PostgresPlus/9.0SS/bin/../lib/libedit.so: cannot restore segment prot after reloc: Permission denied
Resolution
Step 1: Perform Status Checks
This problem is likely due to the Linux Server's SELinux Current Enforcing Mode property being set to Enforcing. First let's run a few checks to see if this might be the case. Open a terminal, and then enter each of the following commands:
$ /usr/sbin/getenforceIf the SELinux is running, and the Current Enforcing Mode property is set, you should see something like the following after running each of these commands:
$ /usr/sbin/sestatus
You can also do this step by using the SELinux Management GUI tool. From the System menu go to Administration and then select SELinux Management:
The SELinux Administration tool window appears.
The Current Enforcing Mode property setting will be displayed. This completes status check. Next, let's implement a temporary fix to get integrated applications up and running quickly.
Step 2: Implement Temporary Fix
Temporarily disable enforcement, and then check the status of this property once again. At the prompt, enter the following commands:
$ /usr/sbin/setenforce 0You should see something like the following after running each of these commands:
$ /usr/sbin/getenforce
Or, if you would rather use the GUI, on the SELinux Administration tool, just change the Current Enforcing Mode property setting from Enforcing to Permissive, like so:
Close the SELinux Administration tool.
Next, restart the Postgresql-9.0 service. From the terminal prompt, enter the following command:
$ service postgresql-9.0 startYou should see something like that shown below:
If you want to do this from a GUI, then from the System menu, go to Administration, and then select Services. The Service Configuration window appears.
Scroll the left list pane down until you see the postgresql-9.0 service. When you see this service, select it. Now look at the right Status pane. The current status information associated with the selected service appears there. You should see something like that shown in the figure below:
Click on the Start button just above the service list pane on the left. After a few moments, an information prompt will appear indicating successful startup:
And if you look in the Status pane again, you'll see a new message:
Step 3: Implement Permanent Fix
At this point, your PostgreSQL instance is up and running and accessible by your other integrated applications. However, should the Linux server hosting this instance be shutdown and restarted, you'll go through all of this all over again. To implement a permanent fix, you'll need to edit the SELinux Config file. Enter the following commands:
$ gedit /etc/selinux/configThe gedit text editor opens to the SELinux Config file. Note the setting of the SELINUX property.
Change the setting of the SELINUX property from enforcing to permissive, like so:
Save and exit gedit. That's it. You're done. As a final test, reboot the system, and then check postgresql-9.0 service status: this time it will be running after a reboot.
References
- Introduction to SELinux
- Service Status
- cannot restore segment prot after reloc: Permission denied
- Enabling and Disabling SELinux
- Switch SELinux "Enforcing" mode to "Permissive" mode
- To check the status of a service from the command line:
- $ service [servicename] status
- $ ps -ef | grep [servicename]
- If you need to enforce SELinux policy consistently then consider implementing a selective SELinux policy.
No comments:
Post a Comment