How to change log directory location in postgresql 9.4? - database

my current log_directory path is
**/opt/demo/PostgreSQL/9.4/data/pg_log**
I'm trying to change the log directory path to
**/logs/demo/**
The server won't start when i uncomment the log path and it starts only when its default.
The postgresql.conf file looks like
# ERROR REPORTING AND LOGGING
#------------------------------------------------------------------------------
# - Where to Log -
log_destination = 'stderr' # Valid values are combinations of
# stderr, csvlog, syslog, and eventlog,
# This is used when logging to stderr:
logging_collector = on
# These are only used if logging_collector is on:
#log_directory = '/logs/etbos/demo/' #directorywherelogfiles are written
#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern,
# These are relevant when logging to syslog:
#syslog_facility = 'LOCAL0'
#syslog_ident = 'postgres'
# This is only relevant when logging to eventlog (win32):
#event_source = 'PostgreSQL'

So this is what I supposed :) You need to grant permissions to the new log directory to postgres user.
You can do this using f.e.:
sudo chown postgres:postgres /your/new/log/dir/path
Answering your other question:
To allow TCP/IP connections from remote hosts you need to edit pg_hba.conf file.
You can allow ALL TCP/IP connections by adding a line like this:
host all all 0.0.0.0/32 md5
There are five parameters above, you can read about them in the pg_hba.conf file in the comments at the top of the file, but in short they mean:
[connection_type] [database_name] [user_name] [remote_ip/mask] [auth_type]

Related

Access user keyring from systemd hook or crontab

I'm trying to implement a systemd hook (systemd-sleep) to connect and disconnect from protonvpn. However, these scripts are executed as root and do not have access to the keyring. The backend is kwallet, since I am on fedora-kde plasma. When I execute protonvpn-cli c --sc, I get the following error:
[...] keyring_data_user = ExecutionEnvironment().keyring[ File "/usr/lib/python3.10/site-packages/protonvpn_nm_lib/core/keyring/linuxkeyring.py", line 32, in __getitem__ raise exceptions.KeyringError(e) protonvpn_nm_lib.exceptions.KeyringError: Environment variable DBUS_SESSION_BUS_ADDRESS is unset
I tried several things, none of them worked:
run sudo -E -u myuser protonvpn-cli c --sc, or replacing -E by -i, or none.
importing the DBUS session of myuser (who is currently logged ir and has kwallet opened). In this case, I get the error [...] bus = secretstorage.dbus_init() File "/usr/lib/python3.10/site-packages/secretstorage/__init__.py", line 80, in dbus_init raise SecretServiceNotAvailableException(str(ex)) from ex secretstorage.exceptions.SecretServiceNotAvailableException: [Errno 32] Broken pipe
I tried systemd --user services, but I've found no way to link this service to the suspend.target, or hibernate.target, since they are system targets and are executed on separate process.
Is there a way give access the an already opened kwallet to this hook script?

MariaDB starts without errors and doesn't run

I start my mariadb with
/etc/init.d/mysql start
Then i get
starting MariaDB database server mysqld
No more messages.
When i call
service mysql status
i get
MariaDB is stopped
Why ?
my my.cnf is:
# Example mysql config file.
[client-server]
socket=/tmp/mysql-dbug.sock
port=3307
# This will be passed to all mysql clients
[client]
password=XXXXXX
# Here are entries for some specific programs
# The following values assume you have at least 32M ram
# The MySQL server
[mysqld]
temp-pool
key_buffer_size=16M
datadir=/etc/mysql/data
loose-innodb_file_per_table
[mariadb]
datadir=/etc/mysql/data
default-storage-engine=aria
loose-mutex-deadlock-detector
max- connections=20
[mariadb-5.5]
language=/my/maria-5.5/sql/share/english/
socket=/tmp/mysql-dbug.sock
port=3307
[mariadb-10.1]
language=/my/maria-10.1/sql/share/english/
socket=/tmp/mysql2-dbug.sock
[mysqldump]
quick
max_allowed_packet=16M
[mysql]
no-auto-rehash
loose-abort-source-on-error
Thank you for your help.
If your SELinux is set to permissive, please try to adjust the permissions :
Files in /var/lib/mysql should be 660.
/var/lib/mysql directory should be 755, Any of its subdirectories should be 700.
if your SELinux is set to enforcing, Please apply the right context.

hiredis getting err 1 REDIS_ERR_IO No such file or directory

redisAsyncConnectUnix() returns a redisAsyncContext(not NULL) that has err=1 i.e REDIS_ERR_IO with errstr "No such file or directory" , what file/directory are they looking for ?
Redis is up and running, was able to SET from redis-cli
redisAsyncConnectUnix is used to connect to the server using a Unix Domain Socket, which is materialized by a pseudo-file. The path of this file has to be provided as a parameter:
redisAsyncContext *redisAsyncConnectUnix(const char *path);
For instance, you could use:
path = /tmp/redis.socket
However, you need to check that the server (which has to run on the same machine than the client), is listening to the same path. Check the definition of the following parameters in the Redis configuration file:
unixsocket /tmp/redis.socket
unixsocketperm 755
Make sure the path is valid, and access rights are correct. You can check that the configuration is ok on server-side by running:
redis-cli -s /tmp/redis.socket

Keep mod_security messages out of Apache's error_log, letting it use a separate file

Having set up a new server, I'm now running v2 of mod_security. I was able to convert all my rules to the new format, and everything seems to run fine so far. Just one thing I didn't manage is to have mod_security using its own logs (instead of logging to Apache's error_log). With v1.9 I was at least able to duplicate the messages, defining an additional log file with
CustomLog /path/to/modsec_log "%h %l %u %t \"%r\" %>s %b %{mod_security-message}i" env=mod_security-relevant
But not even that works anymore. I couldn't find anything browsing the questions tagged mod-security2, aunt Google didn't turn up any useful hints either. Is there anything I might have missed?
Do you mean the audit and debug logs? I have them set at modsec2.conf like this
SecAuditLog logs/modsec_audit.log
SecDebugLog logs/modsec_debug_log
In the modsecurity_crs_10_setup.conf file (on my configuration under /usr/share/modsecurity-crs) you can disable the logs on Apache error.log
# -- [[ Alert Logging Control ]] --
# You have three options -
#
# - To log to both the Apache error_log and ModSecurity audit_log file use: "log"
# - To log *only* to the ModSecurity audit_log file use: "nolog,auditlog"
# - To log *only* to the Apache error_log file use: "log,noauditlog"
Just change SecDefaultAction to
SecDefaultAction "phase:1,deny,nolog,auditlog"
Set the Logpath in the modsecurity.conf file as follows:
SecAuditLog /root/...path../logs/modsec_audit.log ( Relative Path )

nagios Check result path is not a valid directory

i'm getting error when i run below command
nagios3 -v /etc/nagios3/nagios.cfg
Error in configuration file '/etc/nagios3/nagios.cfg' - Line 469 (Check result path is not a valid directory) Error processing main config file
So i looked ls -l /var/lib/nagios3/
drwxr-x--- 3 nagios nagios 1024 Mar 14 21:13 spool
In this case, why i'm getting error? Probably i think my /var/lib/nagios3/spool/checkresult/check2JcDx5 file contains wrong line. And when i run below command, i get this output.
#cat check2JcDx5
file_time=1363378360
host_name=localhost
service_description=HTTP
check_type=0
check_options=0
scheduled_check=1
reschedule_check=1
latency=0.122000
start_time=1363378360.122234
Disable SELinux:
# getenforce
# setenforce 0
Edit /etc/selinux/config. Set SELINUX=disabled.
You may be able to install the nagios-selinux package to add the policy to run nagios in an selinux environment. Better than disabling your existing security.

Resources