Move PGDATA Fedora 17

From PostgreSQL wiki

Revision as of 12:52, 2 August 2013 by Andr (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Moving PGDATA to a directory below /home in Fedora 17, 18 or 19

Moving PGDATA can be a challenge on systems with SELinux. In my case, I wanted PGDATA to be on my encrypted /home partition. This is how it works on Fedora 17 through 19:

# new home directory. create this, change owner to postgres:postgres, and
# change home dir for user "postgres" in /etc/passwd.

# change PGDATA in systemd service file
sed "s#^Environment=PGDATA=.*#Environment=PGDATA=$PGDATA#" /usr/lib/systemd/system/postgresql.service > /etc/systemd/system/postgresql.service

# change PGHOME selinux context
semanage fcontext -a -t postgresql_db_t "$PGHOME(/.*)?"
restorecon -R -v $PGHOME

# allow postgres to search /home
cd /root
mkdir selinux.local
cd selinux.local
chcon -R -t usr_t .
ln -s /usr/share/selinux/devel/Makefile .
touch postgresqlhome.fc
touch postgresqlhome.if

cat > postgresqlhome.te <<EOF
module postgresqlhome 0.1;

require {
        class dir search; 
        class lnk_file read;

        type home_root_t;
        type postgresql_t;
        type var_lib_t;

# Allow postgresql to search directory /home
allow postgresql_t home_root_t:dir search; 

semodule -i postgresqlhome.pp
Personal tools