Solved PostgreSQL in Jail

Oko

Oko

PostgreSQL initiation fails in Jail (TrueOS 10.1.1+Warden) with the message "could not create shared memory segment. Function not implemented". Is it possible to run PostgreSQL 9.4 in Jail? That seems a long standing issue

http://www.freebsddiary.org/jail-multiple.php

and I see this

https://forums.freebsd.org/threads/posgresql-does-not-work-with-freebsd-9-2-rc4.42041/

I see on my machine that
Code: 
security.jail.sysvipc_allowed = 0
in Jail.

Solved!!! Shut down the jail and do:

warden set flags <jail_name> allow.sysvipc=true
 
Thanks Oko. For the archives as well as if you happen to try running a second identical jail, another common "gotcha" with jails and PostgreSQL or other applications that System V IPC comes into play when multiple applications run with the same user ID but in different jails. They interfere so you have to use different UIDs because of the way System V is implemented.

See jail(8):
allow.sysvipc
A process within the jail has access to System V IPC primitives. In the current jail implementation, System V primitives share a single namespace across the host and jail environments, meaning that processes within a jail would be able to communicate with (and potentially interfere with) processes outside of the jail, and in other jails.
Click to expand...

Also see some other mentions of the different UIDs with Sys V IPC applications.
http://www.freebsddiary.org/jail-multiple.php
https://wiki.freebsd.org/Jails
 
  • Thanks
Reactions: Oko
You must log in or register to reply here.
Back
Top