pg_data

Stefan Hornburg (Racke) Wed, 27 Oct 2021 08:20:45 -0700

On 27/10/2021 17:11, dulhaver via Ansible Project wrote:

I figured out that apparently using ansible_become_user: root in the 
defaults.yml is meesing things up


Changing
ansible_become_user: root
to
ansible_root_user: root

in the defaults file and the playbok makes this issue going away. Apparently 
the term ansible_become_user is more then just a string and overwrites all 
other become_user occurences.


I think there is actually no need to set these variables at all as "root" is 
the default.

Regards
        Racke


If I remember correctly it may be even workable to skip the become_user: xyz 
(and just say become: yes) in the playbook if I do not want to become anyone 
else then root and likewise share me this sort of trouble

On 10/27/2021 4:45 PM Jorge Rúa <[email protected]> wrote:


Hey!

We can't access the playbook here - https://pastebin.com/edit/9Uvjdupe 
<https://pastebin.com/edit/9Uvjdupe> at least I can't. pastebin redirects me to 
the login page. I can however access default_postgres.yml file

I'm going to assume you are using sudo as become_method. I am also going to 
assume selinux is not part of the issue here, nor standard unix permissions or 
posix acls.

When you run the task manually:  /opt/db/postgres/postgresql/bin/initdb -D 
/opt/db/data/postgres/data/ on the target as user postgres ... say you login as 
root to the machine then you run su - postgres, right? At this point you are 
running commands as postgres.

 I'm wondering if you can mimic that very same behaviour adding become_flags to 
the equation:

- name: configure postgres - create database
  command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}"
  args:
    creates: "{{ postgres_data }}/PG_VERSION"
  become: yes
  become_flags: "su - {{ ansible_postgres_user }} -c"
  become_user: "{{ ansible_postgres_user }}"

Please let me know if that works,

Regards,










El mié, 27 oct 2021 a las 14:32, dulhaver via Ansible Project 
(<[email protected] <mailto:[email protected]>>) 
escribió:

    __

      * here is the entire playbook <https://pastebin.com/edit/9Uvjdupe>
      * here is the defaults_postgres.yml <https://pastebin.com/ZKjis1BA> I 
refer to in it

    I am wondering whether the use of a ...

      * ansible_become_user: root
      * ansbile_postgres_user: postgres

    ... in the same context may be related to my problem

    On 10/27/2021 1:55 PM dulhaver via Ansible Project <[email protected] 
<mailto:[email protected]>> wrote:


    I have a playbook to install postgresql on a rhel8 target


    one TASK should start the initdb process ...
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
    - name: configure postgres - create database
      command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}"
      args:
        creates: "{{ postgres_data }}/PG_VERSION"
      become: yes
      become_user: postgres
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    but fails with an "initdb: error: cannot be run as root" error  *details 
below

    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
    TASK [configure postgres - create database] 
**********************************************************************
    fatal: [vm-51150-0180.step.zrz.dvz.cn-mv.de 
<http://vm-51150-0180.step.zrz.dvz.cn-mv.de>]: FAILED! => changed=true
    cmd:
    - /opt/db/postgres/postgresql/bin/initdb
    - -D
    - /opt/db/data/postgres/data
    delta: '0:00:00.009346'
    end: '2021-10-27 11:54:25.210944'
    msg: non-zero return code
    rc: 1
    start: '2021-10-27 11:54:25.201598'
    stderr: |-
    initdb: error: cannot be run as root
    Please log in (using, e.g., "su") as the (unprivileged) user that will
    own the server process.
    stderr_lines: <omitted>
    stdout: ''
    stdout_lines: <omitted>
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    the TASK however has a particular become_user: postgresspecified. 
Furthermore Selinux is set to @permissive in an erlier TASK.

    Manually running /opt/db/postgres/postgresql/bin/initdb -D 
/opt/db/data/postgres/data/on the target as user postgres works, so I can not 
make much sense of this. It's kind of obvious the become process does not work, 
but I can't figure out why. Plaid a bit with indentation, but did not find any 
solution that works

-- You received this message because you are subscribed to the Google Groups "Ansible Project" group.

    To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected] 
<mailto:[email protected]>.
    To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org?utm_medium=email&utm_source=footer>.

-- You received this message because you are subscribed to the Google Groups "Ansible Project" group.

    To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected] 
<mailto:[email protected]>.
    To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org?utm_medium=email&utm_source=footer>.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
[email protected] 
<mailto:[email protected]>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com
 
<https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com?utm_medium=email&utm_source=footer>.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
[email protected] 
<mailto:[email protected]>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1721630239.45743.1635347508491%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/1721630239.45743.1635347508491%40office.mailbox.org?utm_medium=email&utm_source=footer>.



--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7260e1ad-e1e7-075b-1299-30e34c2fae36%40linuxia.de.

OpenPGP_signature
Description: OpenPGP digital signature

Re: [ansible-project] installing postgres - error with initdb -D /path/to/pg_data

Reply via email to