# PosgreSQL does not work with FreeBSD 9.2-RC4



## zodias (Sep 21, 2013)

Hi all,

I upgraded from FreeBSD 9.1-RELEASE-p7 to 9.2-RC-4 from source.

`# uname -v`

```
FreeBSD 9.2-RC4 #0 r255732: Fri Sep 20 22:26:06 EEST 2013     root@:/usr/obj/usr/src/sys/GENERIC
```

I used PostgreSQL 9.2 in a jail and it ran just fine.  After the upgrade the database server stopped. I upgraded to PostgreSQL 9.3 but still no positive result. I downgraded to PostgreSQL 9.2 with new initialization but still on the same position.

The error from /var/log/messages is:

```
Sep 21 19:48:44 db postgres[4708]: [1-1] FATAL:  could not create shared memory segment: Function not implemented
Sep 21 19:48:44 db postgres[4708]: [1-2] DETAIL:  Failed system call was shmget(key=1, size=40, 03600).
```

As stated in the PostgreSQL documentation the following parameters can be set up:

```
kern.ipc.shmall=32768
kern.ipc.shmmax=134217728
kern.ipc.semmap=256
```
and 

```
kern.ipc.semmni=256
kern.ipc.semmns=512
kern.ipc.semmnu=256
```

My parameters are:

```
kern.ipc.shmall: 131072
kern.ipc.shmmax: 536870912
```
but `# sysctl kern.ipc.semmap` returns:

```
sysctl: unknown oid 'kern.ipc.semmap'
```
FreeBSD 9.1-RELEASE-p7 returns the same result but the database works.

The next parameters are:

```
kern.ipc.semmni=256
kern.ipc.semmns=512
kern.ipc.semmnu=256
```

Initializing the database server with `# /usr/local/etc/rc.d/postgresql initdb` returns:

```
The files belonging to this database system will be owned by user "pgsql".
This user must also own the server process.

The database cluster will be initialized with locales
  COLLATE:  C
  CTYPE:    en_US.UTF-8
  MESSAGES: en_US.UTF-8
  MONETARY: en_US.UTF-8
  NUMERIC:  en_US.UTF-8
  TIME:     en_US.UTF-8
The default text search configuration will be set to "english".

creating directory /usr/local/pgsql/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 10
selecting default shared_buffers ... 400kB
creating configuration files ... ok
creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL:  could not create shared memory segment: Function not implemented
DETAIL:  Failed system call was shmget(key=1, size=2088960, 03600).
child process exited with exit code 1
initdb: removing data directory "/usr/local/pgsql/data"
root@db:/root #
```

Can you help me with this, please?


----------



## urosgruber (Sep 21, 2013)

What is the value of security.jail.sysvipc_allowed? It should be 1.


----------



## zodias (Sep 21, 2013)

urosgruber said:
			
		

> What is the value of security.jail.sysvipc_allowed? It should be 1.



It is on the host. But inside the jail it is 0 for some reason. I use sysutils/ezjail. When I tried to add the parameter in the jail configuration file it didn't work.

Here is some extract of the configurations:

from /etc/rc.conf:

```
ezjail_enable="YES"
jail_sysvipc_allow="YES"
```

from /usr/local/ezjail/db:

```
export jail_db_hostname="db"
export jail_db_ip="10.10.0.8"
export jail_db_rootdir="/ezjails/db"
export jail_db_exec_start="/bin/sh /etc/rc"
export jail_db_exec_stop=""
export jail_db_mount_enable="YES"
export jail_db_devfs_enable="YES"
export jail_db_devfs_ruleset="devfsrules_jail"
export jail_db_procfs_enable="YES"
export jail_db_fdescfs_enable="YES"
export jail_db_image=""
export jail_db_imagetype="zfs"
export jail_db_attachparams=""
export jail_db_attachblocking=""
export jail_db_forceblocking=""
export jail_db_zfs_datasets=""
export jail_db_cpuset=""
export jail_db_fib=""
export jail_db_parentzfs="production1"
export jail_db_parameters="allow.raw_sockets=1"
export jail_db_sysvipc_allow="YES"
export jail_db_post_start_script=""
```

but from inside the jail:
`# sysctl -a | grep sysv`

```
kern.features.sysv_msg: 1
kern.features.sysv_sem: 1
kern.features.sysv_shm: 1
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 0
```
and `# sysctl -a | grep raw`:

```
<rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>2b279d75-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>042ff7d0-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b015023d-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>bb2ceac4-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>9941097b-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5bfdda4e-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>268c61bb-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>f6a65eb5-036e-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>aa722bea-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b5768916-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>906d8efa-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5863042c-e7ff-11e2-b15e-002590af1027</rawuuid>
net.inet.raw.recvspace: 9216
net.inet.raw.maxdgram: 9216
net.raw.recvspace: 8192
net.raw.sendspace: 8192
hw.midi.dumpraw: 0
security.jail.param.allow.raw_sockets: 0
security.jail.allow_raw_sockets: 1
```

Aside from the topic: what is the difference between the last two parameters?


----------



## zeissoctopus (Sep 22, 2013)

Please check The FreeBSD Diary, especially for kern.ipc.* settings in /etc/sysctl as well as /boot/loader.conf.


----------



## zodias (Sep 23, 2013)

zeissoctopus said:
			
		

> Please check The FreeBSD Diary, especially for kern.ipc.* settings in /etc/sysctl as well as /boot/loader.conf.



Alas the result is the same.

Now I have: `# sysctl -a | grep sysvipc`

```
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 1
```
and `# sysctl -a | grep raw`

```
<rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>2b279d75-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>042ff7d0-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b015023d-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>bb2ceac4-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>9941097b-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5bfdda4e-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>268c61bb-036f-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>f6a65eb5-036e-11e3-a687-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>aa722bea-e811-11e2-9338-002590af1027</rawuuid>
            <rawtype>516e7cb5-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>b5768916-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>516e7cba-6ecf-11d6-8ff8-00022d09712b</rawtype>
            <rawuuid>906d8efa-e7ff-11e2-b15e-002590af1027</rawuuid>
            <rawtype>83bd6b9d-7f41-11dc-be0b-001560b84f0f</rawtype>
            <rawuuid>5863042c-e7ff-11e2-b15e-002590af1027</rawuuid>
net.inet.raw.recvspace: 9216
net.inet.raw.maxdgram: 9216
net.raw.recvspace: 8192
net.raw.sendspace: 8192
hw.midi.dumpraw: 0
security.jail.param.allow.raw_sockets: 0
security.jail.allow_raw_sockets: 1
```
and something new for me:
`# sysctl -a | grep ezja`

```
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
<118> ezjailStopping jails: db db2 lex store subaru svn svn2 tomcat uvo.bg web_proxy zlatkoasenov.
<118> ezjailConfiguring jails: sysvipc_allow=YES.
```


----------



## zodias (Sep 23, 2013)

With FreeBSD 9.1-RELEASE everything was fine.


----------



## zeissoctopus (Sep 24, 2013)

zodias said:
			
		

> Alas the result is the same.
> 
> Now I have: `# sysctl -a | grep sysvipc`
> 
> and `# sysctl -a | grep raw`



What is the output of `# sysctl -a | grep kern.ipc`?

This is the point.


----------



## zodias (Sep 24, 2013)

`# sysctl -a | grep kern.ipc`

```
kern.ipc.maxsockbuf: 2097152
kern.ipc.sockbuf_waste_factor: 8
kern.ipc.somaxconn: 128
kern.ipc.max_linkhdr: 16
kern.ipc.max_protohdr: 60
kern.ipc.max_hdr: 76
kern.ipc.max_datalen: 92
kern.ipc.nmbjumbo16: 4096
kern.ipc.nmbjumbo9: 8192
kern.ipc.nmbjumbop: 16384
kern.ipc.nmbclusters: 32768
kern.ipc.piperesizeallowed: 1
kern.ipc.piperesizefail: 0
kern.ipc.pipeallocfail: 0
kern.ipc.pipefragretry: 0
kern.ipc.pipekva: 114688
kern.ipc.maxpipekva: 133353472
kern.ipc.msgseg: 2048
kern.ipc.msgssz: 8
kern.ipc.msgtql: 40
kern.ipc.msgmnb: 2048
kern.ipc.msgmni: 40
kern.ipc.msgmax: 16384
kern.ipc.semaem: 16384
kern.ipc.semvmx: 32767
kern.ipc.semusz: 632
kern.ipc.semume: 50
kern.ipc.semopm: 100
kern.ipc.semmsl: 340
kern.ipc.semmnu: 256
kern.ipc.semmns: 512
kern.ipc.semmni: 256
kern.ipc.shm_allow_removed: 0
kern.ipc.shm_use_phys: 0
kern.ipc.shmall: 131072
kern.ipc.shmseg: 128
kern.ipc.shmmni: 192
kern.ipc.shmmin: 1
kern.ipc.shmmax: 536870912
kern.ipc.maxsockets: 49312
kern.ipc.numopensockets: 158
kern.ipc.nsfbufsused: 0
kern.ipc.nsfbufspeak: 0
kern.ipc.nsfbufs: 0
```


----------



## SirDice (Sep 24, 2013)

zodias said:
			
		

> ```
> export jail_db_parameters="allow.raw_sockets=1"
> ```


You need to add allow.sysvipc here. 

```
export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"
```

Keep in mind the security implications of enabling this. Processes from other jails and the host access the same shared memory and can interfere with it.


----------



## zodias (Sep 24, 2013)

SirDice said:
			
		

> You need to add allow.sysvipc here.
> 
> ```
> export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"
> ...



But it is set only to a specific jail ('db' in my case),  not for all of them isn't it?


----------



## zodias (Sep 24, 2013)

```
export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"
```
It works.

Thank you once again.

:beergrin


----------



## xtaz (Sep 24, 2013)

For your information, if you ever upgraded to PostgreSQL 9.3 it no longer uses SysV shared memory and so you wouldn't have to play with these settings anyway. It now uses POSIX/mmap shared memory instead.


----------



## SirDice (Sep 24, 2013)

zodias said:
			
		

> But it is set only to a specific jail ('db' in my case),  not for all of them is it?



Correct, but you may run into trouble when you have multiple jails with shared memory enabled.


----------



## zodias (Sep 24, 2013)

xtaz said:
			
		

> For your information, if you ever upgraded to PostgreSQL 9.3 it no longer uses SysV shared memory and so you wouldn't have to play with these settings anyway. It now uses POSIX/mmap shared memory instead.



Yes, I read the PostgreSQL release notes and I am glad for that but I didn't expect such an issue.


----------



## derekschrock (Oct 1, 2013)

SirDice said:
			
		

> You need to add allow.sysvipc here.
> 
> ```
> export jail_db_parameters="allow.raw_sockets=1 allow.sysvipc=1"
> ...



Thanks for the solution.  Could you explain why this worked in 9.1-RELEASE-p7 and not 9.2-RELEASE?

I too ran into the same and everything worked in 9.1-RELEASE-p7


----------

