How to configure permissions for Postgresql Database in Linux?

How to configure permissions for Postgresql Database in Linux?


Note : Applicable only for Linux Distribution Servers

      In Linux machines, due to customer environment configuration, we have been facing several issues when migrating the Application that involves upgrading PostgreSQL to higher version. Particularly, we are encountering these issues when using root user for upgrade operation. We also encounter similar issues during startup too, due to insufficient permissions.
      When the startup/upgrade is invoked as Root user, we create a new user named "postgres" in the customer environment in "other users" group. In all the below cases, the ownership of all the files will be under Root and Other users like "postgres" doesn't have read & execute permissions. Since we perform all the database operations with "postgres" user, we are facing "Permission Denied" Issue.

We should maintain a single user either root user or a non-root user should be used for all operations in Servicedeskplus. We should not switch between both users for different operations which may give raise to permission and file ownership issues. For example, if you start the application with a non-root user say x, the we should not use root user or "sudo ./UpdateManager.sh" which will switch to root user and cause unexpected results.

Resolution

When you encounter such issues, we can follow the below steps to provide sufficient permissions.


Step 1 :  Set umask value equal or lesser than 022.
            Umask value controls the permission of directories or file that will be created in the future. In our case, folders and files created during upgrade will inherit this permission. Hence, it should allow other users to read and execute.

Command to check the umask value 
  1. umask
Command to set the umask value
  1. umask 022

Step 2 : Ensure All the parent directories provide read & execute permission for other users
            Please navigate to all parent directories of product installation location and check whether it has sufficient permissions and you should provide the executable permission for other users with the command "chmod -R 755 <folder_name>" till the root directory starting from installation location. The last three digits of permission value should be rwx or r-x. it should not be like r-- or ---.

you can find the permission of a files in a directory using the below command
  1. ls -la
which shows the output like
   drwxr-xr-x 1 <hostname> <hostname> <date & time> <folder name> 
         

For Example, if your installation location path is /usr/share/ManageEngine/ServiceDesk, you should execute the following command.
  1. cd /usr/share/ManageEngine/ServiceDesk
  2. chmod -R 755 *
  3. cd ..
  4. chmod -R 755 ServiceDesk
  5. cd ..
  6. chmod 755 ManageEngine
  7. cd ..
  8. chmod 755 share
  9. cd ..
  10. chmod 755 usr


Step 3 :  Ensure "./initpgsql" script under <product_installation_folder>/bin directory can be executed with the user who does all the operations like startup and upgrade etc,  smoothly without any issues.
                If you see any failures in the command output returned, Please report it to our Support with the Screenshot of output.
   
After all of these steps, You can proceed with the upgrade. If you face futher issues with same permission denied trace, please share the logs and output of <initpgsql.sh> script file.

                  New to ADSelfService Plus?

                    • Related Articles

                    • How to resolve Connectivity issues with Postgresql Database from our product?

                      Log Traces Feb 20, 2024 6:40:00 PM [SYSERR] [INFO] : java.sql.SQLException: java.lang.Exception: Exception during getConnection from pool Exception occurred during get connection from datasource Nov 15, 2023 1:29:10 PM [SYSERR] [INFO] : Caused by: ...
                    • Linux console commands

                      Linux console commands *. To Install from console mode : - Download bin - Execute the command to make the bin executable - chmod 755 ManageEngine_ServiceDeskPlus_MSP_64bit.bin ( Color of the bin will get changed to green I.e Executable mode ) - ...
                    • Securing PostgreSQL Database Connection with SSL in ServiceDeskPlus

                      Overview This article serves as a comprehensive guide for customers intending to secure their database connections when using with ServiceDeskPlus Application with PostgreSQL database, similar to securing Microsoft SQL Server (MSSQL) connections. The ...
                    • How to change the database from MySQL/PostgreSQL to MSSQL

                      The steps mentioned below are applicable only if you migrate the DB from PgSQL to MSSQL. This means that the application server is going to remain the same. The data alone is going to be transferred to MSSQL DB from the existing PgSQL DB.    For ...
                    • Syntax for SDP MSP migration to Linux

                      While migrating to different database you can use backupdataold.bat. Here backup will be in .data format and this can be restored in across DB platform. Note: Backup from taken from a particular build can be restored only on the same build. Example: ...