<分区>
当我在 FreeBSD jail 中初始化 PostgreSQL 数据库时出现问题。
我找到了一篇关于该问题的文章。我尝试了它的建议,但我没有任何运气,我也不知道为什么。 有链接:PostgreSQL in jail .
我还阅读了关于 kernel resources 的 PostgreSQL 文档:
If running in FreeBSD jails by enabling
sysctl'ssecurity.jail.sysvipc_allowed, postmasters running in different jails should be run by different operating system users. This improves security because it prevents non-root users from interfering with shared memory or semaphores in different jails, and it allows the PostgreSQL IPC cleanup code to function properly. (In FreeBSD 6.0 and later the IPC cleanup code does not properly detect processes in other jails, preventing the running of postmasters on the same port in different jails.)
我做了什么:
- 我编辑了
/etc/rc.conf(在主机上)并添加了行jail_sysvipc_allow="YES" - 在 jail 机器的
/etc/sysctl.conf中,我添加行security.jail.sysvipc_allowed=1
我多次重启了 jail 机器。我没有重启主机,也不想重启。
希望有人能给我一个解决方案或一些建议。非常感谢。
这是我重启 jail 时的消息:
/etc/rc.d/sysctl: WARNING: unable to set security.jail.sysvipc_allowed=1
或者当我手动运行 sysctl 时:(在 jail 中)
root@xxxxx:/home/xxxx# sysctl security.jail.sysvipc_allowed=1
security.jail.sysvipc_allowed: 0
sysctl: security.jail.sysvipc_allowed: Operation not permitted
Freebsd 版本:FreeBSD xxxxxxx 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE
postgreSQL 版本:postgresql-server-9.1.4
错误信息:
root@xxxxxx:/home/xxx # /usr/local/etc/rc.d/postgresql initdb
The files belonging to this database system will be owned by user "pgsql".
This user must also own the server process.
The database cluster will be initialized with locale C.
The default text search configuration will be set to "english".
creating directory /usr/local/pgsql/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 10
selecting default shared_buffers ... 400kB
creating configuration files ... ok
creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL: could not create
shared memory segment: Function not implemented
DETAIL: Failed system call was shmget(key=1, size=2146304, 03600).
child process exited with exit code 1
initdb: removing data directory "/usr/local/pgsql/data"
更新:
在主机中, /etc/sysctl.conf: security.jail.sysvipc_allowed=1 /etc/rc.conf : jail_sysvipc_allow="YES"
在 Jail 服务器中,没有额外的 jail_sysvipc 配置。
主机中的 sysctl 值:
root@xxxxx:/home/xxxx# sysctl -a | grep 'sysvipc'
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 1
我仍然收到与之前相同的错误消息。
另外,我想知道security.jail.param.allow.sysvipc有没有什么? 因为,在主机中,我不允许设置它。 (security.jail.param.allow.sysvipc 0-> 0)