Azure – Setting write permissions for temporary storage provided by Azure (Linux-based VM)

azure

Apart from using it for swap space, I'm going to be using the temporary storage available in my Azure VM (Ubuntu 14.04 OS) for storing Postgresql temporary files as well.

To enable that, I've to create a symlink at /$PGDATA/base/pgsql_tmp that points to /mnt/pgsql_tmp. So that should be ln -s /mnt/pgsql_tmp $PGDATA/base/pgsql_tmp.

This reasonably ensures all temp files are stored and read from the SSD-based temporary storage. However, one hitch: the user postgres does NOT have permissions to write to /mnt:

drwxr-xr-x   4 root root 4.0K Mar 18 12:40 mnt

How do I ensure postgres also has write permission on /mnt? Should I just do sudo chmod -R 777 /mnt and be done with it?

I know this is elementary, but since it's a production server and I've already got swap set up in /mnt I don't want to misconfigure it and run into problems tomorrow.

p.s. this is how the temporary storage currently looks like:

Filesystem      Size  Used Avail Use% Mounted on
/dev/sdb1       221G  9.9G  200G   5% /mnt

Best Answer

ln -sTf /mnt/pgsql_tmp $PGDATA/base/pgsql_tmp  # did you get that correct?
chown -R postgres              /mnt/pgsql_tmp
chmod o+x    /mnt          # note: no -R,  this turns 750 to 751 for /mnt only

The effect:

 su - postgres
 echo 1 > /mnt/file   # fails
 ls   /mnt            # fails
 cat /mnt/anything    # fails
 echo 1 >  /mnt/pgsql_tmp/file   # works
 ls /mnt/pgsql_tmp               # works
 cat /mnt/pgsql_tmp/file         # works

The chmod o+x means to give [o]thers the +e[x]ecute bit, which gives them a permission to traverse across /mnt into any subdirectory. Other permissions are not necessary for /mnt only for /mnt/pgsql_tmp

Related Topic