pg_data

Stefan Hornburg (Racke) Wed, 27 Oct 2021 08:20:45 -0700

On 27/10/2021 17:11, dulhaver via Ansible Project wrote:

I figured out that apparently using ansible_become_user: root in the 
defaults.yml is meesing things up


Changing
ansible_become_user: root
to
ansible_root_user: root

in the defaults file and the playbok makes this issue going away. Apparently 
the term ansible_become_user is more then just a string and overwrites all 
other become_user occurences.


I think there is actually no need to set these variables at all as "root" is 
the default.

Regards
        Racke


If I remember correctly it may be even workable to skip the become_user: xyz 
(and just say become: yes) in the playbook if I do not want to become anyone 
else then root and likewise share me this sort of trouble

On 10/27/2021 4:45 PM Jorge Rúa <jruarive...@gmail.com> wrote:


Hey!

We can't access the playbook here - https://pastebin.com/edit/9Uvjdupe 
<https://pastebin.com/edit/9Uvjdupe> at least I can't. pastebin redirects me to 
the login page. I can however access default_postgres.yml file

I'm going to assume you are using sudo as become_method. I am also going to 
assume selinux is not part of the issue here, nor standard unix permissions or 
posix acls.

When you run the task manually:  /opt/db/postgres/postgresql/bin/initdb -D 
/opt/db/data/postgres/data/ on the target as user postgres ... say you login as 
root to the machine then you run su - postgres, right? At this point you are 
running commands as postgres.

 I'm wondering if you can mimic that very same behaviour adding become_flags to 
the equation:

- name: configure postgres - create database
  command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}"
  args:
    creates: "{{ postgres_data }}/PG_VERSION"
  become: yes
  become_flags: "su - {{ ansible_postgres_user }} -c"
  become_user: "{{ ansible_postgres_user }}"

Please let me know if that works,

Regards,










El mié, 27 oct 2021 a las 14:32, dulhaver via Ansible Project 
(<ansible-project@googlegroups.com <mailto:ansible-project@googlegroups.com>>) 
escribió:

    __

      * here is the entire playbook <https://pastebin.com/edit/9Uvjdupe>
      * here is the defaults_postgres.yml <https://pastebin.com/ZKjis1BA> I 
refer to in it

    I am wondering whether the use of a ...

      * ansible_become_user: root
      * ansbile_postgres_user: postgres

    ... in the same context may be related to my problem

    On 10/27/2021 1:55 PM dulhaver via Ansible Project <ansible-project@googlegroups.com 
<mailto:ansible-project@googlegroups.com>> wrote:


    I have a playbook to install postgresql on a rhel8 target


    one TASK should start the initdb process ...
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
    - name: configure postgres - create database
      command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}"
      args:
        creates: "{{ postgres_data }}/PG_VERSION"
      become: yes
      become_user: postgres
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    but fails with an "initdb: error: cannot be run as root" error  *details 
below

    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
    TASK [configure postgres - create database] 
**********************************************************************
    fatal: [vm-51150-0180.step.zrz.dvz.cn-mv.de 
<http://vm-51150-0180.step.zrz.dvz.cn-mv.de>]: FAILED! => changed=true
    cmd:
    - /opt/db/postgres/postgresql/bin/initdb
    - -D
    - /opt/db/data/postgres/data
    delta: '0:00:00.009346'
    end: '2021-10-27 11:54:25.210944'
    msg: non-zero return code
    rc: 1
    start: '2021-10-27 11:54:25.201598'
    stderr: |-
    initdb: error: cannot be run as root
    Please log in (using, e.g., "su") as the (unprivileged) user that will
    own the server process.
    stderr_lines: <omitted>
    stdout: ''
    stdout_lines: <omitted>
    
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    the TASK however has a particular become_user: postgresspecified. 
Furthermore Selinux is set to @permissive in an erlier TASK.

    Manually running /opt/db/postgres/postgresql/bin/initdb -D 
/opt/db/data/postgres/data/on the target as user postgres works, so I can not 
make much sense of this. It's kind of obvious the become process does not work, 
but I can't figure out why. Plaid a bit with indentation, but did not find any 
solution that works

-- You received this message because you are subscribed to the Google Groups "Ansible Project" group.

    To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com 
<mailto:ansible-project+unsubscr...@googlegroups.com>.
    To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/776382835.43477.1635335720976%40office.mailbox.org?utm_medium=email&utm_source=footer>.

-- You received this message because you are subscribed to the Google Groups "Ansible Project" group.

    To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com 
<mailto:ansible-project+unsubscr...@googlegroups.com>.
    To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/206501226.44462.1635341565280%40office.mailbox.org?utm_medium=email&utm_source=footer>.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
ansible-project+unsubscr...@googlegroups.com 
<mailto:ansible-project+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com
 
<https://groups.google.com/d/msgid/ansible-project/CAFtje5MX0gxwDrsuitrabPQKh%2B_%3DboD%3DWnyGxXx9e7B6vsmFdw%40mail.gmail.com?utm_medium=email&utm_source=footer>.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
ansible-project+unsubscr...@googlegroups.com 
<mailto:ansible-project+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1721630239.45743.1635347508491%40office.mailbox.org
 
<https://groups.google.com/d/msgid/ansible-project/1721630239.45743.1635347508491%40office.mailbox.org?utm_medium=email&utm_source=footer>.



--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7260e1ad-e1e7-075b-1299-30e34c2fae36%40linuxia.de.

OpenPGP_signature
Description: OpenPGP digital signature

Re: [ansible-project] installing postgres - error with initdb -D /path/to/pg_data

Reply via email to