I figured out that apparently using ansible_become_user: root in the defaults.yml is meesing things up
Changing ansible_become_user: root to ansible_root_user: root in the defaults file and the playbok makes this issue going away. Apparently the term ansible_become_user is more then just a string and overwrites all other become_user occurences. If I remember correctly it may be even workable to skip the become_user: xyz (and just say become: yes) in the playbook if I do not want to become anyone else then root and likewise share me this sort of trouble > On 10/27/2021 4:45 PM Jorge Rúa <[email protected]> wrote: > > > Hey! > > We can't access the playbook here - https://pastebin.com/edit/9Uvjdupe at > least I can't. pastebin redirects me to the login page. I can however access > default_postgres.yml file > > I'm going to assume you are using sudo as become_method. I am also going > to assume selinux is not part of the issue here, nor standard unix > permissions or posix acls. > > When you run the task manually: /opt/db/postgres/postgresql/bin/initdb > -D /opt/db/data/postgres/data/ on the target as user postgres ... say you > login as root to the machine then you run su - postgres, right? At this point > you are running commands as postgres. > > I'm wondering if you can mimic that very same behaviour adding > become_flags to the equation: > > - name: configure postgres - create database > command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}" > args: > creates: "{{ postgres_data }}/PG_VERSION" > become: yes > become_flags: "su - {{ ansible_postgres_user }} -c" > become_user: "{{ ansible_postgres_user }}" > > Please let me know if that works, > > Regards, > > > > > > > > > > > El mié, 27 oct 2021 a las 14:32, dulhaver via Ansible Project > (<[email protected] mailto:[email protected] >) > escribió: > > > > * here is the entire playbook > https://pastebin.com/edit/9Uvjdupe > > * here is the defaults_postgres.yml > > https://pastebin.com/ZKjis1BA I refer to in it > > I am wondering whether the use of a ... > > * ansible_become_user: root > > * ansbile_postgres_user: postgres > > ... in the same context may be related to my problem > > > > > > > > > > > On 10/27/2021 1:55 PM dulhaver via Ansible > > Project <[email protected] > > mailto:[email protected] > wrote: > > > > > > > > > I have a playbook to install postgresql on a rhel8 target > > > > > > > > > one TASK should start the initdb process ... > > > > > > \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ > > > - name: configure postgres - create database > > > command: "{{ postgres_home }}/bin/initdb -D {{ > > > postgres_data }}" > > > args: > > > creates: "{{ postgres_data }}/PG_VERSION" > > > become: yes > > > become_user: postgres > > > > > > \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ > > > > > > > > > but fails with an "initdb: error: cannot be run as root" > > > error *details below > > > > > > > > > \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ > > > TASK [configure postgres - create database] > > > ********************************************************************** > > > fatal: [http://vm-51150-0180.step.zrz.dvz.cn-mv.de ]: > > > FAILED! => changed=true > > > cmd: > > > - /opt/db/postgres/postgresql/bin/initdb > > > - -D > > > - /opt/db/data/postgres/data > > > delta: '0:00:00.009346' > > > end: '2021-10-27 11:54:25.210944' > > > msg: non-zero return code > > > rc: 1 > > > start: '2021-10-27 11:54:25.201598' > > > stderr: |- > > > initdb: error: cannot be run as root > > > Please log in (using, e.g., "su") as the (unprivileged) > > > user that will > > > own the server process. > > > stderr_lines: <omitted> > > > stdout: '' > > > stdout_lines: <omitted> > > > > > > \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ > > > > > > the TASK however has a particular become_user: postgres > > > specified. Furthermore Selinux is set to @permissive in an erlier TASK. > > > > > > Manually running /opt/db/postgres/postgresql/bin/initdb -D > > > /opt/db/data/postgres/data/ on the target as user postgres works, so I > > > can not make much sense of this. It's kind of obvious the become process > > > does not work, but I can't figure out why. Plaid a bit with indentation, > > > but did not find any solution that works > > > > > > > > > -- > > > You received this message because you are subscribed to the > > > Google Groups "Ansible Project" group. > > > To unsubscribe from this group and stop receiving emails from > > > it, send an email to [email protected] > > > mailto:[email protected] . > > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org > > > > > > https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org?utm_medium=email&utm_source=footer > > > . > > > > > > > > > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Ansible Project" group. > > To unsubscribe from this group and stop receiving emails from it, > > send an email to [email protected] > > mailto:[email protected] . > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org > > > > https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org?utm_medium=email&utm_source=footer > > . > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > mailto:[email protected] . > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com > > https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com?utm_medium=email&utm_source=footer > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1721630239.45743.1635347508491%40office.mailbox.org.
