Postgres in Sandstorm: initdb: could not look up effective user ID 1209: user does not exist
1,911 views
Skip to first unread message
Nolan Darilek
Mar 17, 2017, 4:05:21 PM3/17/17
to sandst...@googlegroups.com
Thoughts on how to deal with this? Postgres' initdb process seens to
want to look up the current user ID on startup and fails. Maybe there's
some aspect of the initialization process that I could circumvent to
avoid this, but I don't know enough about Postgres to know what that
might be.
If Sandstorm is going to randomize UIDs/GIDs, I feel like it should at
least stub /etc/passwd, /etc/group, or whatever syscalls access this
information, because I've hit this issue before. This may be a good move
from a security perspective, but I used to have Postgres working because
I could assume that apps were run under 1000, and with that not being a
valid assumption anymore, I don't even know how to get past this.
Assume that using another datastore is not an option here. It's Postgres
or bust.
Thanks.
want to look up the current user ID on startup and fails. Maybe there's
some aspect of the initialization process that I could circumvent to
avoid this, but I don't know enough about Postgres to know what that
might be.
If Sandstorm is going to randomize UIDs/GIDs, I feel like it should at
least stub /etc/passwd, /etc/group, or whatever syscalls access this
information, because I've hit this issue before. This may be a good move
from a security perspective, but I used to have Postgres working because
I could assume that apps were run under 1000, and with that not being a
valid assumption anymore, I don't even know how to get past this.
Assume that using another datastore is not an option here. It's Postgres
or bust.
Thanks.
Kenton Varda
Mar 18, 2017, 7:09:29 PM3/18/17
to Nolan Darilek, sandst...@googlegroups.com
Hmm, as an app-only fix, what if you made /etc/passwd be a symlink to /tmp/passwd which you auto-generate based on the current UID during app startup?
Hacky but seemingly not that difficult?
-Kenton
--
You received this message because you are subscribed to the Google Groups "Sandstorm Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sandstorm-dev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sandstorm-dev/eedb0273-940f-f86d-c4ea-e6afdf7969e2%40thewordnerd.info.
For more options, visit https://groups.google.com/d/optout.
Ian Denhardt
Mar 18, 2017, 8:22:27 PM3/18/17
to sandst...@googlegroups.com, Nolan Darilek
How does it respond to /etc/passwd being symlink to something in /var
(which you initialize on startup)?
I'm thinking:
echo "postgres:x:$(id -u):$(id -g):PostgreSQL user:/var/lib/postgres:/bin/sh" >> /var/etc/passwd
Or such.
Quoting Nolan Darilek (2017-03-17 16:05:02)
(which you initialize on startup)?
I'm thinking:
echo "postgres:x:$(id -u):$(id -g):PostgreSQL user:/var/lib/postgres:/bin/sh" >> /var/etc/passwd
Or such.
Quoting Nolan Darilek (2017-03-17 16:05:02)
> --
> You received this message because you are subscribed to the Google Groups "Sandstorm Development" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to sandstorm-de...@googlegroups.com.
> You received this message because you are subscribed to the Google Groups "Sandstorm Development" group.
Ian Denhardt
Mar 18, 2017, 8:24:05 PM3/18/17
to Kenton Varda, Nolan Darilek, sandst...@googlegroups.com
Quoting Kenton Varda (2017-03-18 19:09:06)
> Hmm, as an app-only fix, what if you made /etc/passwd be a symlink to
> /tmp/passwd which you auto-generate based on the current UID during app
> startup?
> Hacky but seemingly not that difficult?
> -Kenton
Bah, beat me to it.
> /tmp/passwd which you auto-generate based on the current UID during app
> startup?
> Hacky but seemingly not that difficult?
> -Kenton
manas.sa...@gmail.com
Aug 6, 2017, 5:12:01 PM8/6/17
to Sandstorm Development
Anyone got any solution.......for this issue
in docker file, i have added during the startup
RUN ln -s /etc/passwd /tmp/passwd
and then run
echo "postgres:x:$(id -u):$(id -g):PostgreSQL user:/var/lib/postgres:/bin/sh" >> /tmp/passwd
but still have an issue .....can anyone guide me in more briefly how to overcome this issue?
Reply all
Reply to author
Forward
0 new messages