I recently upgraded a jail server from FreeBSD 8.2 to FreeBSD 8.4. This stopped various jails from starting their own instances of PostgreSQL. The messages in the logs were:
Jul 9 14:48:48 building postgres: [2-1] FATAL: could not create shared memory segment: Function not implemented Jul 9 14:48:48 building postgres: [2-2] DETAIL: Failed system call was shmget(key=5432001, size=12099584, 03600).
In my jails, I was seeing:
$ sysctl security.jail.sysvipc_allowed security.jail.sysvipc_allowed: 0
Looking at my previous writings on this topic, I found the same error message [note, that article doesn’t deal with ezjail, but helps with basic jail knowledge] but in that case, the issue was not having set jail_sysvipc_allow set in /etc/rc.conf. It seems that this is no longer sufficient. The parameters must be passed to the jail. Since I am using ezjail, I can do this by altering the configuration file for the jails in question. These files are located in the /usr/local/etc/ezjail directory.
I added these entries to the file:
# To allow PostgreSQL to run in the jail. # It is no longer sufficient to just set security.jail.sysvipc_allowed in # the host system. export jail_**MY_JAIL_NAME**_parameters="allow.raw_sockets=1 allow.sysvipc=1"
where “**MY_JAIL_NAME**” is the value you can find elsewhere in that file. What’s the name of the file? That’s related to your jail name. In my case, the jail name was pg92.example.org.
NOTE: I find now that I needed only allow.sysvipc=1. allow.raw_sockets=1 is for something else, and not required to get PostgreSQL running in the jail.