Re: [Shoki-users] chroot - make db
Status: Beta
Brought to you by:
spb
From: Jaliya B. <ja...@sl...> - 2007-09-28 09:57:48
|
Dear Stephen, First of all I would like to thank you for the support given. Yes, the problem was with the socket, after following your steps, now I am able to run 'make db'. It's working fine. But now I have some new issues: . 'importer' does not populate the db tables. o All the shoki*.gz go to '/usr/local/shoki/central/localhost.localdomain/corrupt'. where can it be the problem? . it's not possible to insert all the CVE entries using 'cve2shoki -f'. http://cve.mitre.org/ does not have CVE & CAN .csv files any more. Only 'allitems.csv' with both 'cve' & 'can' together. In this file there are more than 40k entries, but only about 1762 loaded into the 'vulnerabilities' table. o So could you pl help me to update the table or could you pl send me a previous full-cve.csv and full-can.csv files that you might be having. Regards, Jaliya -----Original Message----- From: Stephen P. Berry [mailto:sp...@me...] Sent: Tuesday, September 25, 2007 11:39 AM To: Jaliya Bandara Cc: 'Stephen P. Berry'; sho...@li... Subject: Re: [Shoki-users] chroot - make db -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >But I was ABLE to start PgSQL after changing Unix_Socket_directory in >postgres.conf to "/usr/local/shoki/chroot/tmp" and doing a >"ln -s /usr/local/shoki/chroot/tmp /tmp" (removed the shoki/chroot/tmp >created by "make chroot" first) I think I see the problem. Instead of: # ln -s /usr/local/shoki/choot/tmp /tmp (creating a symlink for the entire directory), you just want to create a symlink for the PostgreSQL socket: # ln -s /usr/local/shoki/chroot/tmp/.s.PGSQL.5432 /tmp The longish explanation: This is because by default postgres widgets (like createdb and so forth) will look for the socket in /tmp (regardless of what postgres.conf says). Since the shoki widgets run (by default) chroot'd and a chroot'd process can't see outside the jail---which also means they can't follow symlinks---that means the socket itself needs to be inside the chroot. Everything else (which isn't running chroot'd) therefore needs the symlink to find the socket in the non-default location. Some applications (like syslog-ng) allow you to specify multiple socket locations for just this sort of thing. PostgreSQL unfortunately does not. Anyway, if I understand your mail correctly, you want to: -Remove the /usr/local/shoki/chroot/tmp you created by hand -Re-run `make chroot' to re-recreate /usr/local/shoki/chroot/tmp (these two steps are just to make sure the permissions on the tmp directory are set correctly) -Stop and restart PostgreSQL (to re-create the socket itself) -As root: # ln -s /usr/local/shoki/chroot/tmp/.s.PGSQL.5432 /tmp -Then try `make db' again. Let me know if this fixes the problems you're seeing. I'll probably update the documentation to be clearer on this tomorrow. - -spb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (OpenBSD) iD8DBQFG+KX8P32VcPQQS7wRAtfpAJ9eqEss3/kTzfFaTLNAmC6WaX56mgCeNV1m fm+FHQOFOdw4YNAds4GPD+A= =DYtV -----END PGP SIGNATURE----- |