Participants
Euler Taveira
Euler Taveira
PG Bug reporting form
PG Bug reporting form
Attachments
Show all attachments
Thread Outline
#1PG Bug reporting formPG Bug reporting form
Mar 04, 2021
#2Euler TaveiraEuler Taveirato PG Bug reporting form (#1)
Mar 04, 2021
#3Euler TaveiraEuler Taveirato PG Bug reporting form (#1)
Mar 08, 2021

BUG #16915: use psql have error "could not change directory to "/root": Permission denied"

Started by PG Bug reporting formabout 5 years ago3 messagesbugs
Jump to latest
#1PG Bug reporting form
PG Bug reporting form
noreply@postgresql.org

The following bug has been logged on the website:

Bug reference: 16915
Logged by: ChenJianHua
Email address: 370619197@qq.com
PostgreSQL version: 13.0
Operating system: CENTOS 7
Description:

Just so that you have the correct expectation, the issue you have has
nothing to do with this ansible repository. I am looking into this as I find
it interesting. It is an issue that came with Postgres 13, as it does not
seem to be present in Postgres 12.

(As a hint, it helps to show your full strace command when you ask us for
help, so that we can reproduce and analyze your issue).

To reproduce your issue, I did the following:

#--- the postgres docker container is debian based, though
docker run -d --name=postgres --rm -e POSTGRES_PASSWORD=password postgres
docker exec -it postgres bash sudo

root@c376851a8443:~# sudo -u postgres psql
could not change directory to "/root": Permission denied
psql (13.1 (Debian 13.1-1.pgdg100+1))
Type "help" for help.

postgres=#

apt update
apt -y install strace procps vim

root@c376851a8443:~# strace -f sudo -u postgres psql 2>&1 | grep -E
"chdir|getcwd"
getcwd("/root", 4096) = 6
getcwd(0x7fff854af7e0, 4096) = 6
[pid 584] getcwd("/root", 4096) = 6
[pid 583] getcwd("/root", 1024) = 6
[pid 583] getcwd("/root", 1024) = 6
[pid 583] chdir("/usr/lib/postgresql/13/bin") = 0
[pid 583] getcwd("/usr/lib/postgresql/13/bin", 1024) = 27

[pid 583] chdir("/root") = -1 EACCES (Permission denied)

[pid 583] getcwd("/usr/lib/postgresql/13/bin", 1024) = 27
[pid 583] getcwd("/usr/lib/postgresql/13/bin", 1024) = 27
[pid 583] chdir("/usr/lib/postgresql/13/bin") = 0
[pid 583] getcwd("/usr/lib/postgresql/13/bin", 1024) = 27
[pid 583] chdir("/usr/lib/postgresql/13/bin") = 0
So, your problem is that you run sudo as the root user, and the root home
directory is more protected than other directories.

If you, for example run sudo -u postgres psql as another user, you will not
have the same (and only cosmetic) issue:

# create user
useradd -m arne

# give the user sudo rights
cat<<EOT >> /etc/sudoers
arne ALL=(ALL:ALL) NOPASSWD: ALL
EOT

root@c376851a8443:~# su - arne
$ sudo -u postgres psql
psql (13.1 (Debian 13.1-1.pgdg100+1))
Type "help" for help.

postgres=#
Or, you just run psql as postgres without using sudo when you are root.

root@c376851a8443:~# su - postgres -c psql
psql (13.1 (Debian 13.1-1.pgdg100+1))
Type "help" for help.

postgres=#
Or, you just ignore the error message and just run sudo -u postgres psql.

In a Postgres 12 container:

docker run -d --rm --name=postgres_12 -e POSTGRES_PASSWORD=password
postgres:12
docker exec -it postgres_12 bash

root@cd3b256e5e0b:/# sudo -u postgres psql
psql (12.5 (Debian 12.5-1.pgdg100+1))
Type "help" for help.

postgres=#

#2Euler Taveira
Euler Taveira
euler@eulerto.com
In reply to: PG Bug reporting form (#1)
Re: BUG #16915: use psql have error "could not change directory to "/root": Permission denied"

On Thu, Mar 4, 2021, at 8:21 AM, PG Bug reporting form wrote:

Just so that you have the correct expectation, the issue you have has
nothing to do with this ansible repository. I am looking into this as I find
it interesting. It is an issue that came with Postgres 13, as it does not
seem to be present in Postgres 12.

I didn't run your commands but I noticed that you are not using equivalent
commands. Your su command specifies '-' that means "Start the shell as a login
shell with an environment similar to a real login" and your sudo command does
not specify option -i that provides an equivalent feature. Could you test with 'sudo
-i -u postgres' and show us the result?

--
Euler Taveira
EDB https://www.enterprisedb.com/

#3Euler Taveira
Euler Taveira
euler@eulerto.com
In reply to: PG Bug reporting form (#1)
Re: BUG #16915: use psql have error "could not change directory to "/root": Permission denied"

On Fri, Mar 5, 2021, at 6:34 AM, 陈剑华 wrote:

Of course, I can
Centos7 ~ # sudo -u postgres -i psql
This account is currently not available.

I tested it and it prints the "permission denied" message. IMO your setup is
broken. The PGDG packages create a postgres user with a shell. The routine that
prints this message expects to chdir the current directory to validate the psql
path, however, due to sudo withouth a shell it cannot chdir the current
directory. It cannot happen if you use a shell (sudo -i).

this is my issue
https://github.com/ANXS/postgresql/issues/499

my passwd:
postgres:x:1000:1000::/var/lib/postgres:/sbin/nologin

PGDG packages create postgres user with a shell.

[root@centos7 ~]# grep postgres /etc/passwd
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash

Since, your setup is broken and that psql works even after this error, it is
hard to convince someone to fix this minor issue. I wouldn't even classify it
as a bug.

--
Euler Taveira
EDB https://www.enterprisedb.com/

Import Notes
Reply to msg id not found: tencent_2F378BC351D7D27135A0133016F89FB6FC08@qq.com
← Back to Topics