PostgreSQL in FreeBSD jails
Dag-Erling Smørgrav
des at des.no
Mon May 2 23:07:51 PDT 2005
"Marc G. Fournier" <scrappy at hub.org> writes:
> You've all lost me here ... what exactly is the problem?
You can't run multiple instances of PostgreSQL on the same machine
(even in chroot or jail, even without TCP/IP support) without changing
the port number in postgresql.conf. PostgreSQL creates shared memory
segments with keys based on the port number, so separate instances
will try to create and use the same segments if configured to use the
same port number.
> PostgreSQL
> works under FreeBSD 4.x jails without any modifications, so how is
> PostgreSQL itself currently broken? It seems to me that the problem
> is with FreeBSD 5.x's jail side of things, if the same daemon runs
> fine under 4.x, but, nto under 5.x ...
PostgreSQL has always had this problem, both on 4.x and 5.x. A hack
was put in place last November to work around it, but it still exists,
and while it may now be possible (with 8.0) for multiple postmasters
to run on the same machine, it is also still possible for malicious
code in one jail to crash postmasters in other jails.
The underlying problem is that FreeBSD does not have separate SHM
namespaces in each jail, but, as has already been pointed out, that
problem is fairly hard to fix. Patching PostgreSQL to use something
else than SysV shared memory is easier and will benefit other OSes as
well.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-stable
mailing list