Re: PG84 and SELinux

On Wed, December 1, 2010 16:54, Tom Lane wrote:
> "James B. Byrne" <byrnejb(at)harte-lyne(dot)ca> writes:
>> Earlier today I attempted to upgrade a production server
>> from 8.1 to 8.4 using the pgdg-84-centos.repo. I say
>> attempted because I could never get it to support ssl
>> connections and as that is a requirement I had to roll
>> back to 8.1.
>
> Can't comment on that without a lot more detail.
>
On Fri, December 3, 2010 07:40, James B. Byrne wrote:
>
> I restarted the server this morning, waited for the relabel to
> finish ( a very long time ), and then upgraded to pg-8.4 without any
> problems. SSL works fine as well. . .

I wrote too soon. What I did was uncomment the ssl option. I
neglected to change the setting from off to on.

When I try to start the server with ssl=on it fails with this error:

Auto configuration failed
29006:error:0E065068:configuration file routines:STR_COPY:variable
has no value:conf_def.c:629:line 207

I have checked gpsql/data and the server.key and server.crt files
are both present:

-rw------- 1 postgres postgres 5213 Dec 12 2007 server.crt
-rw------- 1 postgres postgres 1675 Dec 12 2007 server.key

The only change made in the postgresql.conf file that triggered this
was changing 'off' to 'on' for ssl. Changing it back to 'off' makes
the problem disappear.

--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB(at)Harte-Lyne(dot)ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3