I have a code like this:
- name: Create DB user
postgresql_user:
state: present
name: "{{db_user}}"
password: "{{db_pass}}"
become: true
become_user: postgres
- name: Create DB instance
postgresql_db:
state: present
name: "{{db_name}}"
owner: "{{db_user}}"
become: true
become_user: postgres
And got the error :
TASK [deploy/django-api/db : Create DB user] ***********************************
fatal: [aws-server]: FAILED! => {"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chmod: invalid mode: 'A+user:postgres:rx:allow'\nTry 'chmod --help' for more information.\n}). For information on working around this, see https://docs.ansible.com/ansible-core/2.13/user_guide/become.html#risks-of-becoming-an-unprivileged-user"}
By the way the installation of postgres is done successfully, also i test to create postgres user directly on the server and it's created, using the command
sudo -u postgres createuser --interactive
If anyone can help me with thanks.
EDIT : i fixed it by installing ACL on the remote server :
sudo apt-get install acl
I'm setting up my PostgreSQL 9.1. I can't do anything with PostgreSQL: can't createdb, can't createuser; all operations return the error message
Fatal: role h9uest does not exist
h9uest is my account name, and I sudo apt-get install PostgreSQL 9.1 under this account.
Similar error persists for the root account.
Use the operating system user postgres to create your database - as long as you haven't set up a database role with the necessary privileges that corresponds to your operating system user of the same name (h9uest in your case):
sudo -u postgres -i
As recommended here or here.
Then try again. Type exit when done with operating as system user postgres.
Or execute the single command createuser as postgres with sudo, like demonstrated by drees in another answer.
The point is to use the operating system user matching the database role of the same name to be granted access via ident authentication. postgres is the default operating system user to have initialized the database cluster. The manual:
In order to bootstrap the database system, a freshly initialized
system always contains one predefined role. This role is always a
“superuser”, and by default (unless altered when running initdb) it
will have the same name as the operating system user that initialized
the database cluster. Customarily, this role will be named postgres.
In order to create more roles you first have to connect as this
initial role.
I have heard of odd setups with non-standard user names or where the operating system user does not exist. You'd need to adapt your strategy there.
Read about database roles and client authentication in the manual.
After trying many other people's solutions, and without success, this answer finally helped me.
https://stackoverflow.com/a/16974197/2433309
In short, running
sudo -u postgres createuser owning_user
creates a role with name owning_user (in this case, h9uest). After that you can run rake db:create from the terminal under whatever account name you set up without having to enter into the Postgres environment.
sudo su - postgres
psql template1
creating role on pgsql with privilege as "superuser"
CREATE ROLE username superuser;
eg. CREATE ROLE demo superuser;
Then create user
CREATE USER username;
eg. CREATE USER demo;
Assign privilege to user
GRANT ROOT TO username;
And then enable login that user, so you can run e.g.: psql template1, from normal $ terminal:
ALTER ROLE username WITH LOGIN;
This works for me:
psql -h localhost -U postgres
Installing postgres using apt-get does not create a user role or a database.
To create a superuser role and a database for your personal user account:
sudo -u postgres createuser -s $(whoami); createdb $(whoami)
psql postgres
postgres=# CREATE ROLE username superuser;
postgres=# ALTER ROLE username WITH LOGIN;
For version Postgres 9.5 use following comand:
psql -h localhost -U postgres
Hope this will help.
Working method,
vi /etc/postgresql/9.3/main/pg_hba.conf
local all postgres peer
here change peer to trust
restart, sudo service postgresql restart
now try, psql -U postgres
For Windows users : psql -U postgres
You should see then the command-line interface to PostgreSQL: postgres=#
I did a healthcheck with docker-compose.
healthcheck:
test: ['CMD-SHELL', 'pg_isready']
interval: 5s
timeout: 5s
retries: 5
If you also have that change the user:
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U postgres'] # <<<---
interval: 5s
timeout: 5s
retries: 5
In local user prompt, not root user prompt, type
sudo -u postgres createuser <local username>
Then enter password for local user.
Then enter the previous command that generated "role 'username' does not exist."
Above steps solved the problem for me.
If not, please send terminal messages for above steps.
I installed it on macOS and had to:
cd /Applications/Postgres.app/Contents/Versions/9.5/bin
createuser -U postgres -s YOURUSERNAME
createdb YOURUSERNAME
Here's the source: https://github.com/PostgresApp/PostgresApp/issues/313#issuecomment-192461641
Manually creating a DB cluster solved it in my case.
For some reason, when I installed postgres, the "initial DB" wasn't created. Executing initdb did the trick for me.
This solution is provided in the PostgreSQL Wiki - First steps:
initdb
Typically installing postgres to your OS creates an "initial DB" and starts the postgres server daemon running. If not then you'll need to run initdb
dump and restore with --no-owner --no-privileges flags
e.g.
dump - pg_dump --no-owner --no-privileges --format=c --dbname=postgres://userpass:username#postgres:5432/schemaname > /tmp/full.dump
restore - pg_restore --no-owner --no-privileges --format=c --dbname=postgres://userpass:username#postgres:5432/schemaname /tmp/full.dump
sudo -u postgres createuser --superuser $USER
sudo -u postgres createdb $USER
This should definitely work for you.
for those who using docker and correctly followed the instructions from official doc, if you still met this problem, RESTART windows and try again.
Follow These Steps and it Will Work For You :
run msfconsole
type db_console
some information will be shown to you chose the information who tell you to make: db_connect user:pass#host:port.../database sorry I don't remember it but it's like this one then replace the user and the password and the host and the database with the information included in the database.yml in the emplacement: /usr/share/metasploit-framework/config
you will see. rebuilding the model cache in the background.
Type apt-get update && apt-get upgrade after the update restart the terminal and lunch msfconsole and it works you can check that by typing in msfconsole: msf>db_status you will see that it's connected.
Follow these steps to get postgres working.
In your terminal, locate the Application Support folder with the following command.
/Users/[name of the user]/library/application support
Delete the application, Postgres.
Reinstall the app and it should work just fine.
Something as simple as changing port from 5432 to 5433 worked for me.
I have a PostgreSQL server running on a Linux Red Hat VM (installed from rh-postgresql96) and am trying to create a role in the database through the psql shell using the following Ansible task.
- name: Setup database
become_user: postgres
become: yes
block:
- name: Enter psql shell
shell: |
scl enable rh-postgresql96 bash
- name: Create user1 role
shell: |
psql -c "CREATE ROLE user1 WITH LOGIN PASSWORD 'pass!123' VALID UNTIL 'infinity';"
But when I do this, it just hangs on the psql shell task...
Any ideas?
Please note, I do not want to use the postgresql ansible plugin to achieve this.
It may probably be waiting for some sort of input such as password. While executing mysql queries with ansible, I used the following format:
- name: Set max queries for hour for specified user
expect:
command: mysql -u root -p -e "ALTER USER '{{username}}'#'{{userhost}}' WITH MAX_QUERIES_PER_HOUR {{MAX_QUERIES_PER_HOUR}};"
echo: yes
responses:
'password': "{{mysql_root_password}}"
This query is irrelevant to the topic, but I used expect module to give the password input.
On OS X 10.11.2, I've installed Postgres.app and I'm running the local server. I'm trying to create a local account with a username and password so that I can develop a Rails app locally. However, running the following command:
sudo -u postgres createuser -s {USERNAME}
I receive sudo: unknown user: postgres error.
Any suggestions as to why this error occurs and how to resolve this?
sudo tells you there is no system user "postgres".
When you installed PostgreSQL, it should have created database user "postgres" and you can try use that:
$ psql -u postgres
postgres=# create user {username} password '{password}';
I managed to create a user with the following steps.
In the terminal:
createuser --superuser {USERNAME}
I then set a password in psql:
\password {USERNAME}
I am running PostgreSQL 9.3 on FreeBSD. FreeBSD uses pgsql as the default system user for PostgreSQL. My /usr/local/pgsql/data/pg_hba.conf looks like this:
# TYPE DATABASE USER ADDRESS METHOD
local all pgsql peer
local all all md5
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
With this configuration I can connect to the database as pgsql without a password.
$ su pgsql
$ psql template1
template1=# \l
List of databases
...
That works as intended.
On a remote machine, I have an Ansible task to create a database on the FreeBSD server.
- name: Create the postgresql database
postgresql_db: name=mydatabase login_user=pgsql
Executing this task fails with the error Peer authentication failed for user "pgsql".
PLAY [web] ********************************************************************
GATHERING FACTS ***************************************************************
ok: [host.example.org]
TASK: [database | Create the postgresql database] *****************************
failed: [host.example.org] => {"failed": true}
msg: unable to connect to database: FATAL: Peer authentication failed for user "pgsql"
FATAL: all hosts have already failed -- aborting
Why does this fail when peer authentication for the user pgsql is clearly working?
This worked for me:
- name: Create postgres database
become: true
become_user: postgres
postgresql_db:
name: <database-name>
In your specific case the user might be pgsql, but I think usually the user is postgres.
Or with slightly different syntax (from Ansible 1.9) and for user creation (might be helpful for someone)
- name: Create postgres user
postgresql_user: name={{ pg_user }} password={{ pg_password }}
become: true
become_user: postgres
For those running into "Failed to set permissions on the temporary files Ansible needs to create..." in order to switch to the postgres user with become_user you can leverage pipelining on Ubuntu hosts.
Create a ansible.cfg in your playbook directory and add the following lines:
[ssh_connection]
pipelining=True
Update: according to #lolcode Ansible 2.9.0 has updated to ansible_pipelining
[ssh_connection]
ansible_pipelining = true
Update 4/30/2020: for those who still have issues, try installing acl which will cause Ansible to use this acl filesystem to mount module that need to be accessible by the 2nd user instead of making them readable by everyone. Thanks #Andreas Florath
- name: install setfacl support
become: yes
apt: pkg=acl
I had the same problem. In my case I overlooked that I configured my Ansible-playbook to run as another Linux user than the one with peer access (pgsql in your case). Solution is either run the Ansible play as pgsql:
- name: Create the postgresql database
remote_user: pgsql
postgresql_db: name=mydatabase login_user=pgsql
...
Or run it as root, and su to pgsql for the command:
- name: Create the postgresql database
remote_user: root
become: yes
become_user: pgsql
postgresql_db: name=mydatabase login_user=pgsql
...
... depending on your access rights via ssh.
This is using Ansible 2.0.
Another workaround is to connect via host (localhost) rather than the default local peer authentication method:
- name: Create the postgresql database
postgresql_db:
name: mydatabase
login_user: postgres
login_host: 127.0.0.1
Depending on the settings in pg_hba.conf, you may also need to provide login_password. You can circumvent this by setting
host all postgres 127.0.0.1/32 md5
to
host all postgres 127.0.0.1/32 trust
I notice your Postgres version is really out of date (9.3). I had this issue recently when working on an Ubuntu 14 server with Postgres 9.3.
I tried a dozen different things, and finally what worked was installing the acl package via apt. Ansible uses it for navigating some of it's permissions issues. The package is installed by default on newer distros, hence why I've only seen this problem crop up on an old server.
Thanks to this threat I made a variant of mdh's post. When I set up a database I generate a password for the postgres user and I store it in a file under the root directory.
I thought why not store it also (or instead) in a .pgpass file for root. So I created a template like this (only last line is important):
#### password file for posgres connection ###
#### *:*:*:*
#### works like
#### * : * : * : *
#### <ip addr> : <port nr> : <db name> : <password>
127.0.0.1:*:*:postgres:{{ new_postgres_pass }}
Store the .pgpass file in the home directory of root. Now you can use the module as root without switching user of having to change the pg_hba.conf:
- name: Ensure postgresql mydatabase
postgresql_db:
name: mydatabase
login_user: postgres
login_host: 127.0.0.1
If you don't have sudo (debian, etc) but have access to root
- name: Create database
remote_user: root
become: yes
become_method: su
become_user: postgres
postgresql_db:
name: my_db
This problem due to postgres authentication methods configured at /etc/postgresql/10/main/pg_hba.conf , the configuration location may vary depending on the version installed, /etc/postgresql//main/pg_hba.conf
sample ansible recipe
---
- name : "Dump PostgreSQL database"
gather_facts: true
hosts: posgre_host
tasks:
- name: Dump existing PostgreSQL database
community.postgresql.postgresql_db:
name: demo
state: dump
target: /tmp/backup/backup.sql.gz
become: true
From
local all postgres peer
To
local all postgres trust
Here trust authentication method anyone connect to the server is authorized to access the database, since ansible is working based on ssh, it is safe to change.
So if I understood well you are on a remote machine, and maybe you should change /usr/local/pgsql/data/pg_hba.conf to allow remote connections 'host all all 0.0.0.0/0 md5' or another specific network address.