Postgresql – How to relax file permissions conditions on postgres database folder

dockerpostgresqlwindows 10

Postgresql service refuses to start if the data folder (PGDATA) doesn't belong exclusively to the postgres user (i.e. permissions = 700).

Is there any way to disable or circumvent that condition? Ideally I would like postgresql to start even if the permissions on that folder is set to 777.

Explanations:

I have built a Docker image with a running instance of Postgresql. The requirements are:

a) the container should be able to run on Windows Home edition (which
means Docker for Windows is not an option and we have to use
docker-machine and VirtualBox)
b) the user should use Kitematic to
download and run the Image, without any need to go to the command
line or do any post-install configuration (i.e. it should work out of
the box). This means that I only have control over what happens
within the container running Psql; I can't change the VM or Windows
configs.
c) the database must be stored on a data volume mounted on
the file system of the host OS (because I want the container to be
disposable and upgradable)

a) and b) works perfectly well. But as soon as the user enables the Data Volume in Kitematic (condition c) ) Postgres refuses to start because the owner of the DB folder is reset to 1000:staff which are the default user and group in boot2docker Virtal Machine. There is no way to programmatically change the owner or permissions inside the VirtualMachine due to the way VBox shares the folder with Windows (via a vboxfs mount).

So basically within the container I'm stuck with a PGDATA folder with full access to everyone (i.e. 777, which is not a really an issue in itself since the data is not sensitive and not exposed to other machines).

Best Answer

Related Solutions

MySQL Replication – Setting Up Slave with Percona and Docker

The root cause of this issue was the absence of the relay-log option in the mysql.cnf file (or in this case, due to the docker volume mounts, the docker.cnf file). This lead to the creation and usage of files such as 89726507f176-relay-bin.000002 initially, where 89726507f176 is the host name of the machine (randomly assigned by the docker daemon when an image is created). When the container was stopped, removed and recreated, a new set of files was created and used (e.g. be0c801d95bc-relay-bin.000407) but this caused sync issues.

By explicitly specifying a value for relay-log in the docker.cnf file the container was able to be removed and recreated without problems.

As a side note, I suggested also that there was a problem with the /var/log/mysql directory not being mounted - this is not the case. If however you specify a value of log_bin = /var/log/mysql/mysql-bin.log for example, then this is a requirement. If you do not specify this path, it seems the binary logs are stored locally in /var/lib/mysql which is already mounted outside the container.

My final docker.cnf file is as follows:

[mysqld]
skip-host-cache
skip-name-resolve
bind-address        = 0.0.0.0

binlog-ignore-db = mysql
replicate-ignore-db = mysql

log_bin = /var/log/mysql/mysql-bin.log

relay-log   = replication-1
server_id   = 1

Note: server_id = 2 on the replication slave.

Also note that without the relay-log option the command SHOW MASTER STATUS; returned no results on the master database container.

There is a possible outstanding issue yet which is that by default when you use docker stop it asks the container to terminate (by sending a SIGHUP to the docker entrypoint command) and if it doesn't terminate within 10 seconds it is forcefully stopped. I need to ensure taht this is given sufficient time to shut down as it could take a little while to sort itself out while under load, possibly resulting in data loss as a result.

Sql-server – Unable to attach SQL Server database with shared folder in docker on Linux

I figured out the problem with shares.

One thing I did was remove the share in VMWare because for some reason, the mount with vmhgfs did not work well with SQL Server. It just could not get the right privileges even if I tried setting them with chmod.

Instead I installed CIFS and mounted the share as

sudo mount.cifs //10.100.1.1/dbaclone/clone /data/dbaclone -o credentials=/home/sander/.dbaclonecredentials,dir_mode=0777,file_mode=0777

This mounted the share as needed.

SQL Server was able to connect to it without any permissions issues.

Best Answer

Related Solutions

MySQL Replication – Setting Up Slave with Percona and Docker

Sql-server – Unable to attach SQL Server database with shared folder in docker on Linux

Related Question