postgresql cp archive 命令失败,因为 rsync 权限被拒绝
postgresql cp archive command failed as rsync permission denied
我正在尝试通过 ansible 设置 postgresql 数据库设置(版本 - 10),当我尝试在 recovery.conf 文件之后启动 postgresql 数据库集群时,我遇到了权限被拒绝的错误
我正在通过 anasible 进行尝试,下面是模块信息
- name: Starting the postgresql db cluster on standby host
command: 'su - postgres -c "pg_ctl -D {{ data_dir }} start"'
when: inventory_hostname == (groups['pgdb']|sort())[1]
错误信息:
2021-06-19 13:46:56.129 UTC [90381] DETAIL: The failed archive command was: cp pg_wal/000000010000000000000001 /data/archives/testarchives/000000010000000000000001 && /bin/rsync -a pg_wal/000000010000000000000001 postgres@10.0.1.120:/data/archives/testarchives/000000010000000000000001
2021-06-19 13:46:56.130 UTC [77934] LOG: archiver process (PID 90381) exited with exit code 1
sh: /bin/rsync: Permission denied
2021-06-19 13:47:56.227 UTC [90385] FATAL: archive command failed with exit code 126
它清楚地表明它无法执行 rsync 命令,因为 postgres user.But 不知道如何解决这个问题
首先尝试了以下但没有成功
- name: Starting the postgresql db cluster on standby host
command: "pg_ctl -D {{ data_dir }} start"
when: inventory_hostname == (groups['pgdb']|sort())[1]
become_user: postgres
我的recovery.conf文件是eblow
$ cat recovery.conf
standby_mode = 'on'
primary_conninfo = 'user=postgres host=10.0.1.120 port=5432'
restore_command = 'cp -i /data/archives/testarchives/%f %p'
trigger_file = '/tmp/testtrigger_file'
recovery_target_timeline = 'latest'
archive_cleanup_command = 'pg_archivecleanup -d /data/archives/kongarchives %r 2>>/data/archives/cleanup.log'
但是如果我手动执行相同的命令那么它就可以工作
[ec2-user@ip-10-0-2-98 ~]$ sudo su - postgres
Last login: Sat Jun 19 15:31:25 UTC 2021 on pts/0
[postgres@ip-10-0-2-98 ~]$ cd /data/dbdata/testdata/
[postgres@ip-10-0-2-98]$ cp pg_wal/000000010000000000000004 /data/archives/testarchives/000000010000000000000004 && /bin/rsync -a pg_wal/000000010000000000000004 postgres@10.0.1.120:/data/archives/testarchives/000000010000000000000004
[postgres@ip-10-0-2-98]$
您可能是 SELinux 或类似软件的受害者,其中同一个系统 OS 帐户可以具有不同的权限,具体取决于它是 运行 作为守护程序还是来自命令行.在我的问题得到解决后,尝试 运行 下面的命令,
sudo setenforce 0
参考:https://wiki.gentoo.org/wiki/SELinux/Tutorials/Permissive_versus_enforcing
你能试试下面吗
- name: Starting the postgresql db cluster on standby host
command: 'sudo -u postgres psql -c "pg_ctl -D {{ data_dir }} start"'
when: inventory_hostname == (groups['pgdb']|sort())[1]
我正在尝试通过 ansible 设置 postgresql 数据库设置(版本 - 10),当我尝试在 recovery.conf 文件之后启动 postgresql 数据库集群时,我遇到了权限被拒绝的错误
我正在通过 anasible 进行尝试,下面是模块信息
- name: Starting the postgresql db cluster on standby host
command: 'su - postgres -c "pg_ctl -D {{ data_dir }} start"'
when: inventory_hostname == (groups['pgdb']|sort())[1]
错误信息:
2021-06-19 13:46:56.129 UTC [90381] DETAIL: The failed archive command was: cp pg_wal/000000010000000000000001 /data/archives/testarchives/000000010000000000000001 && /bin/rsync -a pg_wal/000000010000000000000001 postgres@10.0.1.120:/data/archives/testarchives/000000010000000000000001
2021-06-19 13:46:56.130 UTC [77934] LOG: archiver process (PID 90381) exited with exit code 1
sh: /bin/rsync: Permission denied
2021-06-19 13:47:56.227 UTC [90385] FATAL: archive command failed with exit code 126
它清楚地表明它无法执行 rsync 命令,因为 postgres user.But 不知道如何解决这个问题
首先尝试了以下但没有成功
- name: Starting the postgresql db cluster on standby host
command: "pg_ctl -D {{ data_dir }} start"
when: inventory_hostname == (groups['pgdb']|sort())[1]
become_user: postgres
我的recovery.conf文件是eblow
$ cat recovery.conf
standby_mode = 'on'
primary_conninfo = 'user=postgres host=10.0.1.120 port=5432'
restore_command = 'cp -i /data/archives/testarchives/%f %p'
trigger_file = '/tmp/testtrigger_file'
recovery_target_timeline = 'latest'
archive_cleanup_command = 'pg_archivecleanup -d /data/archives/kongarchives %r 2>>/data/archives/cleanup.log'
但是如果我手动执行相同的命令那么它就可以工作
[ec2-user@ip-10-0-2-98 ~]$ sudo su - postgres
Last login: Sat Jun 19 15:31:25 UTC 2021 on pts/0
[postgres@ip-10-0-2-98 ~]$ cd /data/dbdata/testdata/
[postgres@ip-10-0-2-98]$ cp pg_wal/000000010000000000000004 /data/archives/testarchives/000000010000000000000004 && /bin/rsync -a pg_wal/000000010000000000000004 postgres@10.0.1.120:/data/archives/testarchives/000000010000000000000004
[postgres@ip-10-0-2-98]$
您可能是 SELinux 或类似软件的受害者,其中同一个系统 OS 帐户可以具有不同的权限,具体取决于它是 运行 作为守护程序还是来自命令行.在我的问题得到解决后,尝试 运行 下面的命令,
sudo setenforce 0
参考:https://wiki.gentoo.org/wiki/SELinux/Tutorials/Permissive_versus_enforcing
你能试试下面吗
- name: Starting the postgresql db cluster on standby host
command: 'sudo -u postgres psql -c "pg_ctl -D {{ data_dir }} start"'
when: inventory_hostname == (groups['pgdb']|sort())[1]