From owner-freebsd-stable@FreeBSD.ORG Tue May 3 06:07:51 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D1FD216A4CE for ; Tue, 3 May 2005 06:07:51 +0000 (GMT) Received: from bgo1smout1.broadpark.no (bgo1smout1.broadpark.no [217.13.4.94]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3FA2343D46 for ; Tue, 3 May 2005 06:07:51 +0000 (GMT) (envelope-from des@des.no) Received: from bgo1sminn1.broadpark.no ([217.13.4.93]) by bgo1smout1.broadpark.no (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTP id <0IFW0082ZGRFJ5B0@bgo1smout1.broadpark.no> for freebsd-stable@freebsd.org; Tue, 03 May 2005 08:02:03 +0200 (CEST) Received: from dsa.des.no ([80.203.228.37]) by bgo1sminn1.broadpark.no (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTP id <0IFW00MGRH2IFKE0@bgo1sminn1.broadpark.no> for freebsd-stable@freebsd.org; Tue, 03 May 2005 08:08:42 +0200 (CEST) Received: by dsa.des.no (Pony Express, from userid 666) id 52AA945165; Tue, 03 May 2005 08:07:49 +0200 (CEST) Received: from xps.des.no (xps.des.no [10.0.0.12]) by dsa.des.no (Pony Express) with ESMTP id 8B00F45131; Tue, 03 May 2005 08:07:45 +0200 (CEST) Received: by xps.des.no (Postfix, from userid 1001) id 5509133C39; Tue, 03 May 2005 08:07:45 +0200 (CEST) Date: Tue, 03 May 2005 08:07:45 +0200 From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) In-reply-to: <20050502180152.I53065@ganymede.hub.org> To: "Marc G. Fournier" Message-id: <86psw84zbi.fsf@xps.des.no> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on dsa.des.no References: <426E5713.3010906@eurocom.od.ua> <747dc8f30504260812ee3c47e@mail.gmail.com> <426E5EA5.8000703@eurocom.od.ua> <426F3AFA.9020900@konvergencia.hu> <426F5A6E.4050208@eurocom.od.ua> <86acndmyky.fsf@xps.des.no> <4276910A.3040100@criticalmagic.com> <20050502180152.I53065@ganymede.hub.org> User-Agent: Gnus/5.110002 (No Gnus v0.2) Emacs/21.3 (berkeley-unix) X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED,AWL autolearn=disabled version=3.0.2 X-Spam-Level: cc: Alexander Rusinov cc: Richard Coleman cc: freebsd-stable@freebsd.org Subject: Re: PostgreSQL in FreeBSD jails X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 May 2005 06:07:51 -0000 "Marc G. Fournier" writes: > You've all lost me here ... what exactly is the problem? You can't run multiple instances of PostgreSQL on the same machine (even in chroot or jail, even without TCP/IP support) without changing the port number in postgresql.conf. PostgreSQL creates shared memory segments with keys based on the port number, so separate instances will try to create and use the same segments if configured to use the same port number. > PostgreSQL > works under FreeBSD 4.x jails without any modifications, so how is > PostgreSQL itself currently broken? It seems to me that the problem > is with FreeBSD 5.x's jail side of things, if the same daemon runs > fine under 4.x, but, nto under 5.x ... PostgreSQL has always had this problem, both on 4.x and 5.x. A hack was put in place last November to work around it, but it still exists, and while it may now be possible (with 8.0) for multiple postmasters to run on the same machine, it is also still possible for malicious code in one jail to crash postmasters in other jails. The underlying problem is that FreeBSD does not have separate SHM namespaces in each jail, but, as has already been pointed out, that problem is fairly hard to fix. Patching PostgreSQL to use something else than SysV shared memory is easier and will benefit other OSes as well. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no