Cannot run psql in PostgreSQL 9.5

Question

I am using PostgreSQL 9.5 on Ubuntu 16.04 LTS. I receive the below error when I type psql:

 psql: could not connect to server: No such file or directory
    Is the server running locally and accepting
    connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?

On checking the logs in /var/log/postgresql/postgresql-9.5-main.log, I see the error as:

2018-11-26 13:17:41 IST [3508-1] FATAL: could not access private key file "/etc/ssl/private/ssl-cert-snakeoil.key": Permission denied

Below are the permissions of the /etc/ssl/private and ssl-cert-snakeoil.key files:

vivek@vivek-ThinkPad-E480:~$ ls -l /etc/ssl
total 36
drwxr-xr-x 2 root root     20480 Nov 22 13:06 certs
-rwxr-xr-x 1 root root     10835 Dec  8  2017 openssl.cnf
drwxr--r-- 2 root ssl-cert  4096 Nov 22 13:06 private

vivek@vivek-ThinkPad-E480:~$ sudo ls -l /etc/ssl/private
total 4
-rw-r----- 1 root ssl-cert 1704 Nov 22 13:06 ssl-cert-snakeoil.key

The postgres user is also added to the group ssl-cert.

vivek@vivek-ThinkPad-E480:~$ getent group ssl-cert
ssl-cert:x:112:postgres

NOTE: I found that there is no server.key present in /var/lib/postgresql/9.5/main.

I also posted this on DBA Stackexchange, but no response as yet.

Can anyone guide me in the right direction in setting permissions?

Answer 1

That can never work, and your server will not be able to start, because the OS user postgres has no permissions to access files in etc/ssl/private.

To allow users in the group ssl-cert to access files in the directory, run

chmod g+x /etc/ssl/private

While you're at it, make sure that /etc/ssl has the required permissions.

To test if everything works, become user postgres and try to read the file.