PosgreSQL does not work with FreeBSD 9.2-RC4

zodias

zodias

Hi all,

I upgraded from FreeBSD 9.1-RELEASE-p7 to 9.2-RC-4 from source.

# uname -v
Code: 
FreeBSD 9.2-RC4 #0 r255732: Fri Sep 20 22:26:06 EEST 2013     root@:/usr/obj/usr/src/sys/GENERIC

I used PostgreSQL 9.2 in a jail and it ran just fine. After the upgrade the database server stopped. I upgraded to PostgreSQL 9.3 but still no positive result. I downgraded to PostgreSQL 9.2 with new initialization but still on the same position.

The error from /var/log/messages is:
Code: 
Sep 21 19:48:44 db postgres[4708]: [1-1] FATAL:  could not create shared memory segment: Function not implemented
Sep 21 19:48:44 db postgres[4708]: [1-2] DETAIL:  Failed system call was shmget(key=1, size=40, 03600).

As stated in the PostgreSQL documentation the following parameters can be set up:
Code: 
kern.ipc.shmall=32768
kern.ipc.shmmax=134217728
kern.ipc.semmap=256
and
Code: 
kern.ipc.semmni=256
kern.ipc.semmns=512
kern.ipc.semmnu=256

My parameters are:
Code: 
kern.ipc.shmall: 131072
kern.ipc.shmmax: 536870912
but # sysctl kern.ipc.semmap returns:
Code: 
sysctl: unknown oid 'kern.ipc.semmap'
FreeBSD 9.1-RELEASE-p7 returns the same result but the database works.

The next parameters are:
Code: 
kern.ipc.semmni=256
kern.ipc.semmns=512
kern.ipc.semmnu=256

Initializing the database server with # /usr/local/etc/rc.d/postgresql initdb returns:
Code: 
The files belonging to this database system will be owned by user "pgsql".
This user must also own the server process.

The database cluster will be initialized with locales
  COLLATE:  C
  CTYPE:    en_US.UTF-8
  MESSAGES: en_US.UTF-8
  MONETARY: en_US.UTF-8
  NUMERIC:  en_US.UTF-8
  TIME:     en_US.UTF-8
The default text search configuration will be set to "english".

creating directory /usr/local/pgsql/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 10
selecting default shared_buffers ... 400kB
creating configuration files ... ok
creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL:  could not create shared memory segment: Function not implemented
DETAIL:  Failed system call was shmget(key=1, size=2088960, 03600).
child process exited with exit code 1
initdb: removing data directory "/usr/local/pgsql/data"
root@db:/root #

Can you help me with this, please?
 
urosgruber said:
What is the value of security.jail.sysvipc_allowed? It should be 1.
Click to expand...

It is on the host. But inside the jail it is 0 for some reason. I use sysutils/ezjail. When I tried to add the parameter in the jail configuration file it didn't work.

Here is some extract of the configurations:

from /etc/rc.conf:
Code: 
ezjail_enable="YES"
jail_sysvipc_allow="YES"

from /usr/local/ezjail/db:
Code: 
export jail_db_hostname="db"
export jail_db_ip="10.10.0.8"
export jail_db_rootdir="/ezjails/db"
export jail_db_exec_start="/bin/sh /etc/rc"
export jail_db_exec_stop=""
export jail_db_mount_enable="YES"
export jail_db_devfs_enable="YES"
export jail_db_devfs_ruleset="devfsrules_jail"
export jail_db_procfs_enable="YES"
export jail_db_fdescfs_enable="YES"
export jail_db_image=""
export jail_db_imagetype="zfs"
export jail_db_attachparams=""
export jail_db_attachblocking=""
export jail_db_forceblocking=""
export jail_db_zfs_datasets=""
export jail_db_cpuset=""
export jail_db_fib=""
export jail_db_parentzfs="production1"
export jail_db_parameters="allow.raw_sockets=1"
export jail_db_sysvipc_allow="YES"
export jail_db_post_start_script=""

but from inside the jail:
# sysctl -a | grep sysv
Code: 
kern.features.sysv_msg: 1
kern.features.sysv_sem: 1
kern.features.sysv_shm: 1
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 0
and # sysctl -a | grep raw:
Code: 
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>2b279d75-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>042ff7d0-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b015023d-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>bb2ceac4-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>9941097b-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5bfdda4e-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>268c61bb-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>f6a65eb5-036e-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>aa722bea-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b5768916-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>906d8efa-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5863042c-e7ff-11e2-b15e-002590af1027</rawuuid>
net.inet.raw.recvspace: 9216
net.inet.raw.maxdgram: 9216
net.raw.recvspace: 8192
net.raw.sendspace: 8192
hw.midi.dumpraw: 0
security.jail.param.allow.raw_sockets: 0
security.jail.allow_raw_sockets: 1

Aside from the topic: what is the difference between the last two parameters?
 
zeissoctopus said:
Please check The FreeBSD Diary, especially for kern.ipc.* settings in /etc/sysctl as well as /boot/loader.conf.
Click to expand...

Alas the result is the same.

Now I have: # sysctl -a | grep sysvipc
Code: 
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 1
and # sysctl -a | grep raw
Code: 
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>2b279d75-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>042ff7d0-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b015023d-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>bb2ceac4-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>9941097b-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5bfdda4e-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>268c61bb-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>f6a65eb5-036e-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>aa722bea-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b5768916-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>906d8efa-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5863042c-e7ff-11e2-b15e-002590af1027</rawuuid>
net.inet.raw.recvspace: 9216
net.inet.raw.maxdgram: 9216
net.raw.recvspace: 8192
net.raw.sendspace: 8192
hw.midi.dumpraw: 0
security.jail.param.allow.raw_sockets: 0
security.jail.allow_raw_sockets: 1
and something new for me:
# sysctl -a | grep ezja
Code: 
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
 
# sysctl -a | grep kern.ipc
Code: 
kern.ipc.maxsockbuf: 2097152
kern.ipc.sockbuf_waste_factor: 8
kern.ipc.somaxconn: 128
kern.ipc.max_linkhdr: 16
kern.ipc.max_protohdr: 60
kern.ipc.max_hdr: 76
kern.ipc.max_datalen: 92
kern.ipc.nmbjumbo16: 4096
kern.ipc.nmbjumbo9: 8192
kern.ipc.nmbjumbop: 16384
kern.ipc.nmbclusters: 32768
kern.ipc.piperesizeallowed: 1
kern.ipc.piperesizefail: 0
kern.ipc.pipeallocfail: 0
kern.ipc.pipefragretry: 0
kern.ipc.pipekva: 114688
kern.ipc.maxpipekva: 133353472
kern.ipc.msgseg: 2048
kern.ipc.msgssz: 8
kern.ipc.msgtql: 40
kern.ipc.msgmnb: 2048
kern.ipc.msgmni: 40
kern.ipc.msgmax: 16384
kern.ipc.semaem: 16384
kern.ipc.semvmx: 32767
kern.ipc.semusz: 632
kern.ipc.semume: 50
kern.ipc.semopm: 100
kern.ipc.semmsl: 340
kern.ipc.semmnu: 256
kern.ipc.semmns: 512
kern.ipc.semmni: 256
kern.ipc.shm_allow_removed: 0
kern.ipc.shm_use_phys: 0
kern.ipc.shmall: 131072
kern.ipc.shmseg: 128
kern.ipc.shmmni: 192
kern.ipc.shmmin: 1
kern.ipc.shmmax: 536870912
kern.ipc.maxsockets: 49312
kern.ipc.numopensockets: 158
kern.ipc.nsfbufsused: 0
kern.ipc.nsfbufspeak: 0
kern.ipc.nsfbufs: 0
 
zodias said:
Code: 
export jail_db_parameters="allow.raw_sockets=1"
Click to expand...
You need to add allow.sysvipc here.
Code: 
export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"

Keep in mind the security implications of enabling this. Processes from other jails and the host access the same shared memory and can interfere with it.
 
SirDice said:
You need to add allow.sysvipc here.
Code: 
export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"

Keep in mind the security implications of enabling this. Processes from other jails and the host access the same shared memory and can interfere with it.
Click to expand...

But it is set only to a specific jail ('db' in my case), not for all of them isn't it?
 
For your information, if you ever upgraded to PostgreSQL 9.3 it no longer uses SysV shared memory and so you wouldn't have to play with these settings anyway. It now uses POSIX/mmap shared memory instead.
 
xtaz said:
For your information, if you ever upgraded to PostgreSQL 9.3 it no longer uses SysV shared memory and so you wouldn't have to play with these settings anyway. It now uses POSIX/mmap shared memory instead.
Click to expand...

Yes, I read the PostgreSQL release notes and I am glad for that but I didn't expect such an issue.
 
SirDice said:
You need to add allow.sysvipc here.
Code: 
export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"

Keep in mind the security implications of enabling this. Processes from other jails and the host access the same shared memory and can interfere with it.
Click to expand...

Thanks for the solution. Could you explain why this worked in 9.1-RELEASE-p7 and not 9.2-RELEASE?

I too ran into the same and everything worked in 9.1-RELEASE-p7
 
You must log in or register to reply here.
Back
Top