Dianne Yumul <dianne@xxxxxxxxxxxxxxx> writes: > # rm -f pgstartup.log > # /etc/rc.d/init.d/postgresql start > /usr/bin/chcon: can't apply partial context to unlabeled file > /home/postgres/pgstartup.log > Starting postgresql service: [FAILED] > # ps aux | grep postmaster > postgres 10470 34.1 0.6 112404 5248 pts/0 S 09:24 0:02 > /usr/bin/postmaster -p 5432 -D /home/postgres/data > root 10480 0.0 0.0 3756 668 pts/0 R+ 09:24 0:00 grep > postmaster Odd. I don't see any reason that you'd not get the OK message, given that the postmaster started. I've seen reports of that before, eg, https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152931 but it's far from clear why some people see this and some don't. In any case I suspect that the FAILED message is unrelated to the chcon problem. > ls -Z /home/postgres/pgstartup.log > Gives: > Sorry, this option can only be used on a SELinux kernel. > But after setting selinux to permissive mode, ls -Z > /home/postgres/pgstartup.log gives: > -rw------- postgres postgres system_u:object_r:postgresql_log_t > /home/postgres/pgstartup.log There is something very flaky about either your kernel or your selinux utilities. Are you up-to-date on kernel version? (Let's see ... my FC3 machine is at 2.6.11-1.14_FC3, and I think I may be behind ...) I tried to reproduce the problem by doing what the initscript does, without any success: [tgl@rh1 ~]$ sudo mkdir /home/postgres [tgl@rh1 ~]$ sudo chown postgres:postgres /home/postgres [tgl@rh1 ~]$ PGLOG=/home/postgres/pgstartup.log [tgl@rh1 ~]$ sudo touch "$PGLOG" [tgl@rh1 ~]$ sudo ls -Z $PGLOG -rw-r--r-- root root root:object_r:user_home_t /home/postgres/pgstartup.log [tgl@rh1 ~]$ sudo chown postgres:postgres "$PGLOG" [tgl@rh1 ~]$ sudo chmod go-rwx "$PGLOG" [tgl@rh1 ~]$ sudo /usr/bin/chcon -u system_u -r object_r -t postgresql_log_t "$PGLOG" [tgl@rh1 ~]$ sudo ls -Z $PGLOG -rw------- postgres postgres system_u:object_r:postgresql_log_t /home/postgres/pgstartup.log [tgl@rh1 ~]$ uname -r 2.6.11-1.14_FC3 [tgl@rh1 ~]$ rpm -qf /usr/bin/chcon coreutils-5.2.1-31 so I suspect that what you are running into is either a kernel bug or a chcon bug; it'd be worth making sure both kernel and coreutils are up to date. If you try the sequence by hand, what do you get? >> Oh, and is the message really complaining >> about /home/postgres/pgstartup.log? AFAICS the initscript should be >> messing with /var/lib/pgsql/pgstartup.log. > Sorry, I forgot to mention that I changed some of the defaults via > /etc/sysconfig/pgsql/postgresql file, which looks like this: > PGDATA=/home/postgres/data > PGLOG=/home/postgres/pgstartup.log That is going to give you some problems if you have SELinux in enforcement mode, because the standard policy will disallow the postgres daemon from writing anywhere under /home. You can fix this by fooling around with the policy and/or manually relabeling the database directory and files, but the path of least resistance is probably to leave the database directory in the normal place. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster