[DRBD-user] Drbd postgresql slave node problem

David david at davidbranford.net
Sat Aug 27 21:16:41 CEST 2005

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.


> -----Original Message-----
> From: roberto ms [mailto:robertoms2003 at hotmail.com]
> Sent: Sunday, 28 August 2005 12:42 AM
> To: david at davidbranford.net
> Subject: RE: [DRBD-user] Drbd postgresql slave node problem
>
>
> Hi David,
>
> You are 100% right. The solution to my problem was within linux user
> UID/GID.
>
> As a matter of a fact there is some additional information in the page:
>
> http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/admin-primer
> /s1-acctsgrps-rhlspec.html
>
> where it says:
>
> "UIDs and GIDs must be globally unique within your organization if you
> intend to share files and resources over a network. Otherwise, whatever
> access controls you put in place will fail to work properly, as they are
> based on UIDs and GIDs, not usernames and group names.
>
> Specifically, if the /etc/passwd and /etc/group files on a file
> server and a
> user's workstation differ in the UIDs or GIDs they contain, improper
> application of permissions can lead to security issues.
>
> For example, if user juan has a UID of 500 on a desktop computer,
> files juan
> creates on a file server will be created with owner UID 500. However, if
> user bob logs in locally to the file server (or even some other
> computer),
> and bob's account also has a UID of 500, bob will have full
> access to juan's
> files, and vice versa.
>
> Therefore, UID and GID collisions are to be avoided at all costs."
>
> Thanks so very much.
>
> Roberto Modesto.
>

Glad that it worked! How well is postgres failover working for you? Has it
been reliable? It'd be great if you could let us know when you've done some
more testing...

David

>
> >From: "David" <david at davidbranford.net>
> >To: "DRBD List" <drbd-user at lists.linbit.com>
> >Subject: RE: [DRBD-user] Drbd postgresql slave node problem
> >Date: Sat, 27 Aug 2005 17:08:01 +0930
> >
> > > -----Original Message-----
> > > From: roberto ms [mailto:robertoms2003 at hotmail.com]
> > > Sent: Saturday, 27 August 2005 6:20 AM
> > > To: david at davidbranford.net
> > > Subject: RE: [DRBD-user] Drbd postgresql slave node problem
> > >
> > >
> > > Hi David,
> > >
> > > Thanks for the quick reply.
> > >
> > > >1) you probaly will just want to delete that pid file
> anyway, since it
> >is
> > > >not going to be relevent to the state of the (non-running) pgsql
> > > process on
> > > >the second machine
> > >
> > > Everytime postgresql is started a postmater.pid file is created. When
> > > postgres is stopped the posmater.pid file is deleted as well.
> > >
> > > Let us suppose I have the same user name (postgres) for both
> computers
> >as
> > > owners of pgsql 'data' directory. And also consider I will
> not be using
> > > drbd. In this case I can start postgresql on each computer (no longer
> > > connected by drbd) with no problem.
> > >
> > > Now, I will restart both computers, and I will be using drbd, to
> > > share all
> > > of the postgres directories.
> > > I will have no problem starting postgres on the master (the one I
> > > chose to
> > > be the primary one). HOWEVER, when I make the slave node to be
> > > the primary
> > > one, I noticed that .... the 'postgres' user is no  longer
> the owner of
> > > pgsql 'data' directory (on the slave node). Because of that the
> > > postmaster.pid file cannot be created, and postgresql cannot
> be started.
> > >
> > > Now, let us suppose that I fix the ownership of the pgsql 'data'
> > > directory
> > > on the slave node, back to the default user 'postgresql'. Then in
> > > this case,
> > > postmater.pid gets to be created and postgresql gets to be
> starrted. But
> > > then, when I get back to the master computer (as primary one), I
> > > notice that
> > > the ownership of pgsql 'data' directory has changed to a
> diferent user,
> >I
> > > can not start postgreql on the master node.
> > >
> > > MAYBE drbd is changing the ownership of some pgsql diretories on
> > > the passive
> > > computer.
> > >
> > > So the problem is best put as:
> > >
> > > THE CHANGING OF PGSQL DIRECTORY OWNERSHIP ON THE PASSIVE NODE WHILE
> >USING
> > > DRBD.
> >
> >This still sounds like your postgres user - could you check one
> more thing?
> > >From my (very) basic understanding:- A username is assigned two unique
> >numbers - a uid (user id) and gid (group id).
> >
> >There is no guarantee for any user other than root, bin, wheel
> (and perhaps
> >a couple others) that these numbers will be the same for each system. You
> >need to check the entry for your postgres user in /etc/passwd on each
> >system. You should have an entry looking something like:
> >
> >postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
> >
> >or whatever your postgres user is called. It sounds like those
> numbers (in
> >this example 26:26) are different on each of the PC's.
> >
> >ie. on the other system you might have:
> >
> >postgres:x:28:28:PostgreSQL Server:/var/lib/pgsql:/bin/bash
> >
> >...for example.
> >
> >If so then the ownership of your postgres directory is not
> changing between
> >systems but instead to one system it will always appear to be owned by a
> >differnt user, because the uid/gid values assigned to the directory don't
> >match the entry in that machine's /etc/passwd file for the postgres user.
> >
> >hope this helps...
> >
> >David.
> >
> > >
> > > Roberto Modesto.
> > >
> > >
> > > >From: "David" <david at davidbranford.net>
> > > >To: "roberto ms" <robertoms2003 at hotmail.com>
> > > >Subject: RE: [DRBD-user] Drbd postgresql slave node problem
> > > >Date: Sat, 27 Aug 2005 05:27:05 +0930
> > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: drbd-user-bounces at lists.linbit.com
> > > > > [mailto:drbd-user-bounces at lists.linbit.com]On Behalf Of roberto ms
> > > > > Sent: Saturday, 27 August 2005 5:22 AM
> > > > > To: drbd-user at lists.linbit.com
> > > > > Subject: [DRBD-user] Drbd postgresql slave node problem
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > > I have an active/passive pc setup.
> > > > >
> > > > > Everything works just fine, except for pgsql.
> > > > >
> > > > > While the master computer is on, I am able to open postgresql.
> > > > >
> > > > > However, if I make the other (slave) computer to be the
> > > primary one, I
> > > >am
> > > > > not able to start
> > > > > postgres, because the ownership of its directories is changed.
> > > > >
> > > > > I get following error: pg_ctl: could not open PID file
> > > > > ".../data/postmaster.pid": Permission
> > > > > denied.
> > > >
> > > >couple of suggestions...
> > > >
> > > >1) you probaly will just want to delete that pid file
> anyway, since it
> >is
> > > >not going to be relevent to the state of the (non-running) pgsql
> > > process on
> > > >the second machine
> > > >
> > > >2) presumably the pgsql directory and its files are owned by the
> > > pgsql user
> > > >so... are the pid/uid numbers for the pgsql user the same on
> > > both machines?
> > > >they will need to be the same otherwise to the pgsql process
> > > running on the
> > > >second system it will appear that they are not owned by pgsql,
> > > thus it will
> > > >not have permission to access them
> > > >
> > > > > If I switch back to the master node, then I am able to start
> >postgres.
> > > > >
> > > > > It seems to me that DRBD is changing the ownership of postgresql
> > > > > directories
> > > > > on
> > > > > the slave node.
> > > > >
> > > > > It looks like I am missing something, but I can´t figure it out.
> > > > >
> > > > > I´m using slackware 10. There are no drbd error msg.
> > > > >
> > > > > I´d appreciate any help.
> > > > >
> > > > > Thanks.
> > > > >
> > > > > Roberto Modesto.
> > > > >
> > > > > _________________________________________________________________
> > > > > Chegou o que faltava: MSN Acesso Grátis. Instale Já!
> > > > > http://www.msn.com.br/discador
> > > > >
> > > > > _______________________________________________
> > > > > drbd-user mailing list
> > > > > drbd-user at lists.linbit.com
> > > > > http://lists.linbit.com/mailman/listinfo/drbd-user
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >hth
> > > >
> > > >David
> > > >
> > > >
> > >
> > > _________________________________________________________________
> > > Chegou o que faltava: MSN Acesso Grátis. Instale Já!
> > > http://www.msn.com.br/discador
> > >
> > >
> > >
> > >
> > >
> >
> >
> >_______________________________________________
> >drbd-user mailing list
> >drbd-user at lists.linbit.com
> >http://lists.linbit.com/mailman/listinfo/drbd-user
>
> _________________________________________________________________
> MSN Messenger: converse online com seus amigos .
> http://messenger.msn.com.br
>
>
> !DSPAM:431082d7292731780620301!
>
>

More information about the drbd-user mailing list