Postgres exits with "Permissions should be u=rwx (0700)"

[lalyos]

I tried to use dvol with postgres

I started postgres as:

docker run -d -P --name psql -v test:/var/lib/postgresql/data --volume-driver=dvol postgres:9.4.4

Than inserted some data, did a commit, and tried to reset. After reset the container has died:

docker logs psql
LOG:  database system was interrupted; last known up at 2016-03-10 21:05:08 UTC
LOG:  database system was not properly shut down; automatic recovery in progress
LOG:  record with zero length at 0/16B7838
LOG:  redo is not required
LOG:  MultiXact member wraparound protections are now enabled
LOG:  autovacuum launcher started
LOG:  database system is ready to accept connections
LOG:  received smart shutdown request
LOG:  autovacuum launcher shutting down
LOG:  shutting down
LOG:  database system is shut down
FATAL:  data directory "/var/lib/postgresql/data" has group or world access
DETAIL:  Permissions should be u=rwx (0700).

[afflick]

Hi @lalyos - did you find a way to resolve this?

[srugano]

Yes. A sudo chmod 700 -R /var/lib/postgresql/data did the trick.

[tainguyenbp]

Yes. A sudo chmod 700 -R /var/lib/postgresql/data did the trick.

good ideas, tks you

[mkdel]

okay, then next question is "how to monitor file system space usage if '/var/lib/pgsql/9.6/data' is a mount point? for example I have "node_exporter" user and without +x it's hard to see the data through the 'df -h' command.

[mkdel]

wow, as it tuned out, 'o+x' permission has to be given to a parent directory, so 'sudo chmod 701 /var/lib/pgsql/9.6/' is enough for it :), now 'df -h' shows info about mounted fs for everyone.

[Emanoid]

I use a windows device to run containers via docker. Where can i run this 'fix command - sudo chmod 700 -R /var/lib/postgresql/dat'?

[Emanoid]

Yes. A sudo chmod 700 -R /var/lib/postgresql/data did the trick.

Where do you run this command? I use docker on Windows and run command using git-bash, is there a directory i can run this command on?

[RRSR]

sudo chmod 700 -R /var/lib/postgresql/data

I earlier tried with 777 but that did not work. I used 700 instead and it worked fine, thanks.

[swiss-chris]

sudo chmod -R 700 mydirectory lets me start the DB service, but a few seconds after runnint pg_ctl -D mydirectory -l logfile start the permissions are right back to drwxr-xr-x and the next time I start the DB I see the following in the log file:

FATAL:  data directory "mydirectory" has group or world access
DETAIL:  Permissions should be u=rwx (0700).

Any ideas how I can prevent the permissions from reverting back to drwxr-xr-x on their own ?

EDIT: I deleted mydirectory and reran the initdb command. After that everything worked fine.

[mohit1337]

I use a windows device to run containers via docker. Where can i run this 'fix command - sudo chmod 700 -R /var/lib/postgresql/dat'?

You mostly see this error on windows since it attempts to mount files from a linux file system to windows file system which does not work. If you do not particularly care about accessing the files then you can use a named volume to mount the postgres volume and it works.

Do remember to define the named volume.

version: "3"
services:
  postgres:
    image: "postgres"
    ports:
      - 5432:5432
    environment:
      POSTGRES_USER: "MyUser"
      POSTGRES_PASSWORD: "Password!23"
      POSTGRES_DB: "example"
    volumes: 
      - psql:/var/lib/postgresql/data
volumes:
  psql:

[avison9]

@mohit1337 what if you care about accessing the data, what can be done?

[mohit1337]

@mohit1337 what if you care about accessing the data, what can be done?

There are several options like mounting the named volume or inspecting it. You can view some solutions here.

[wise-refera]

Yes. A sudo chmod 700 -R /var/lib/postgresql/data did the trick.

How/where can I run this command on windows?

[RomuloRamos]

I use a windows device to run containers via docker. Where can i run this 'fix command - sudo chmod 700 -R /var/lib/postgresql/dat'?

Hello :)

In your docker-compose file, do this:

version: '3.7'

services:
postgres:
image: postgres:latest
env_file:
- .env
container_name: YourContainerName
restart: always
environment:
- POSTGRES_DB=${DATABASE_NAME}
- POSTGRES_USER=${DATABASE_USER}
- POSTGRES_PASSWORD=${DATABASE_PSW}
volumes:
- ./postgres-data:/var/lib/postgresql/data 777 #it will atribute permission 777 to this directory
ports:
- 5432:5432

I hope it help you. It was the solution to me.

Best Regards,
Rômulo

[rogudator]

I use a windows device to run containers via docker. Where can i run this 'fix command - sudo chmod 700 -R /var/lib/postgresql/dat'?

Hello :)

In your docker-compose file, do this:

version: '3.7'

services: postgres: image: postgres:latest env_file: - .env container_name: YourContainerName restart: always environment: - POSTGRES_DB=${DATABASE_NAME} - POSTGRES_USER=${DATABASE_USER} - POSTGRES_PASSWORD=${DATABASE_PSW} volumes: - ./postgres-data:/var/lib/postgresql/data 777 #it will atribute permission 777 to this directory ports: - 5432:5432

I hope it help you. It was the solution to me.

Best Regards, Rômulo

No, it won't?
It will just create folder called "data 777"

root@49f4b35d2745:/# ls
bin dev etc lib media opt root sbin sys usr
boot docker-entrypoint-initdb.d home lib64 mnt proc run srv tmp var
root@49f4b35d2745:/# cd var
root@49f4b35d2745:/var# ls
backups cache lib local lock log mail opt run spool tmp
root@49f4b35d2745:/var# cd lib
root@49f4b35d2745:/var/lib# ls
apt dpkg misc pam postgresql systemd ucf
root@49f4b35d2745:/var/lib# cd postgresql
root@49f4b35d2745:/var/lib/postgresql# ls
data 'data 777'

[kolegran]

@RomuloRamos thanks, it helped me

[vi-step]

RomuloRamos Thanks! Finally convenient way to fix it without using named containers / etc

[Ferrans90]

@RomuloRamos Thanks, bro.