Обсуждение: BUG #6353: If there is invalid line in pg_hba.conf, DB start fails without any nofice and no logs in pgstartup.

The following bug has been logged on the website:

Bug reference:      6353
Logged by:          Erkan Durmus
Email address:      erkan@eurotel.com.tr
PostgreSQL version: 9.0.6
Operating system:   Centos 5.7
Description:=20=20=20=20=20=20=20=20

Hi,
Firstly, thanks for developing Pgsql!
Problem:
If I add this line to pg_hba.conf, it causes a silent startup failure:
local    all            backup          127.0.0.1/32       trust
There is a linux user backup on this system. After adding this line and
issue "pg_ctl reload" it signals server successfully, no errors. But if I
stop db server, I can not start db anymore. Strangely no log exists in
pgstartup.log. Even I start with -d 5 debug param, it exists after "logging
shutdown" message. Debugging with gdb didn't help. After removing the line
added above in pg_hba.conf, db starts.

Regards,
Erkan Durmus

On 22-12-2011 12:53, erkan@eurotel.com.tr wrote:
> If I add this line to pg_hba.conf, it causes a silent startup failure:
> local    all            backup          127.0.0.1/32       trust
> There is a linux user backup on this system. After adding this line and
> issue "pg_ctl reload" it signals server successfully, no errors. But if I
> stop db server, I can not start db anymore. Strangely no log exists in
> pgstartup.log. Even I start with -d 5 debug param, it exists after "logging
> shutdown" message. Debugging with gdb didn't help. After removing the line
> added above in pg_hba.conf, db starts.
>
This is not a bug. Did you check your server logs (pgstartup.log must be the
pg_ctl output)? I got:

LOG:  invalid authentication method "127.0.0.1/32"
CONTEXT:  line 80 of configuration file "/home/euler/pg90/data/pg_hba.conf"
FATAL:  could not load pg_hba.conf

If you don't have logging_collector enabled, you should get the above message
in your terminal.

Problem is: instead of local you should use host.


--
   Euler Taveira de Oliveira - Timbira       http://www.timbira.com.br/
   PostgreSQL: Consultoria, Desenvolvimento, Suporte 24x7 e Treinamento

erkan@eurotel.com.tr writes:
> If I add this line to pg_hba.conf, it causes a silent startup failure:
> local    all            backup          127.0.0.1/32       trust
> There is a linux user backup on this system. After adding this line and
> issue "pg_ctl reload" it signals server successfully, no errors. But if I
> stop db server, I can not start db anymore. Strangely no log exists in
> pgstartup.log.

Well, that line is obviously incorrect, because a "local" line doesn't
need an IP address.  For me, the postmaster gives very clear warnings
about this, either in the pg_ctl reload case:

LOG:  received SIGHUP, reloading configuration files
LOG:  invalid authentication method "127.0.0.1/32"
CONTEXT:  line 95 of configuration file "/var/lib/pgsql/data/pg_hba.conf"
WARNING:  pg_hba.conf not reloaded

or in the fresh-start case:

LOG:  invalid authentication method "127.0.0.1/32"
CONTEXT:  line 95 of configuration file "/var/lib/pgsql/data/pg_hba.conf"
FATAL:  could not load pg_hba.conf

Your problem apparently is that the log messages are either not coming
out at all, or you're looking in the wrong place for them.  You have not
said anything about your logging configuration so it's hard to give
concrete advice, but in the default configuration set up by Red Hat's
packages I'd expect those messages to appear in the current log file
underneath /var/lib/pgsql/data/pg_log/.  It's also conceivable that the
messages aren't getting out at all because of a permissions-type problem
--- I remember some very old versions of selinux policy would sometimes
block postgres log messages, for example.  If you've got selinux enabled
it'd be worth checking for avc messages in the kernel logs.

            regards, tom lane