cb-pgsql service fails to start with error "FATAL: could not open shared memory segment "/PostgreSQL.XXXXXXXXX": Permission denied"
Article ID: 410841
Updated On:
Products
Carbon Black EDR
Issue/Introduction
The postgres service (cb-pgsql) fails to start on an EDR primary node with the following error messages logged in the /var/log/cb/pgsql/startup.out file:
<DATE><TIME> EDT [(PID) @ ] FATAL: could not open shared memory segment "/PostgreSQL.XXXXXXXXX": Permission denied
<DATE><TIME> EDT [(PID) @ ] LOG: database system is shut downEnvironment
- Carbon Black EDR: All Supported Versions
- Linux OS: All Supported Versions
Cause
Postgres service writes a file in the shared memory location /dev/shm that should be mounted to the tmpfs filesystem with full permissions for user root. Here is a working example:
Resolution
- Validate the current permissions on the /dev/shm directory:
ls -ld /dev/shm - If they do not match the correct permissions, update the permissions:
sudo chmod 1777 /dev/shm - Check that /dev/shm is correctly mounted to the tempfs location:
df -h /dev/shm- If not, remount it correctly. Here is an example:
#Edit the fstab file sudo nano /etc/fstab # Locate the line related to /dev/shm and update it to the following: tmpfs /dev/shm tmpfs defaults,noexec,nodev,nosuid,size=2G 0 0 #Remount the /dev/shm sudo mount -o remount /dev/shm (Or if you added security options, you can have them take immediate effect with: sudo mount -o remount,noexec,nodev,nosuid /dev/shm)
- If not, remount it correctly. Here is an example:
- Restart the EDR services and validate cb-pgsql is able to successfully start.
Feedback
Yes
No
Powered by
