"root" 不允许执行 PostgreSQL 服务器
"root" execution of the PostgreSQL server is not permitted
当我尝试启动 postgresql 时出现错误:
postgres
postgres does not know where to find the server configuration file.
You must specify the --config-file or -D invocation option or set the
PGDATA environment variable.
然后我尝试设置我的配置文件:
postgres -D /usr/local/var/postgres
我收到以下错误:
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": Permission denied
嗯好的。接下来,我尝试以管理员身份执行相同的操作:
sudo postgres -D /usr/local/var/postgres
我收到以下错误:
"root" execution of the PostgreSQL server is not permitted.
The server must be started under an unprivileged user ID to prevent
possible system security compromise. See the documentation for more
information on how to properly start the server.
我在谷歌上搜索了该错误消息,但找不到解决方案。
谁能对此提供一些见解?
您的命令与您认为的不符。 运行 作为系统用户 postgres:
sudo -u postgres <i>command</i>
到运行命令(也叫postgres!):
sudo -u postgres postgres -D /usr/local/var/postgres
你的命令正好相反:
sudo postgres -D /usr/local/var/postgres
它运行程序postgres作为超级用户root(sudo没有-u开关),Postgres不允许运行 出于安全原因具有超级用户权限。因此出现错误消息。
如果您要 运行 作为系统用户 postgres 执行几个命令,请将用户更改为:
sudo -u postgres -i
... 完成后 exit。
- PostgreSQL error: Fatal: role "username" does not exist
如果您在以系统用户 postgres 身份操作时看到此错误消息,则说明文件或其中一个包含目录的权限有问题。
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": Permission denied
/usr/local/var/postgres/postgresql.conf
考虑 instruction in the Postgres manual。
还要考虑基于 Debian 的发行版中的包装器 pg_ctl - or pg_ctlcluster。
并且知道su and sudo之间的区别。相关:
- PostgreSQL error: Fatal: role "username" does not exist
对于那些试图 运行 使用官方 docker 图像自定义命令的人,请使用以下命令。 docker-entrypoint.sh 处理切换用户和处理其他权限。
docker-entrypoint.sh -c 'shared_buffers=256MB' -c 'max_connections=200'
Muthukumar 的回答是最好的!!经过一整天的搜索,通过更简单的方法更改我在 Kubernetes 中的 Alpine Postgres 部署,我找到了这个简单的答案。
有我完整的描述。享受它!!
首先,我需要 create/define 具有正确值的 ConfigMap。保存在文件“custom-postgresql.conf”:
# DB Version: 12
# OS Type: linux
# DB Type: oltp
# Total Memory (RAM): 16 GB
# CPUs num: 4
# Connections num: 9999
# Data Storage: ssd
# https://pgtune.leopard.in.ua/#/
# 2020-10-29
listen_addresses = '*'
max_connections = 9999
shared_buffers = 4GB
effective_cache_size = 12GB
maintenance_work_mem = 1GB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
default_statistics_target = 100
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 209kB
min_wal_size = 2GB
max_wal_size = 8GB
max_worker_processes = 4
max_parallel_workers_per_gather = 2
max_parallel_workers = 4
max_parallel_maintenance_workers = 2
创建 Config/Map:
kubectl create configmap custom-postgresql-conf --from-file=custom-postgresql.conf
Please, take care that the values in custom settings are defined
according to the Pod resources, mainly by memory and CPU assignments.
有清单(postgres.yml):
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
namespace: default
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 128Gi
---
apiVersion: v1
kind: Service
metadata:
name: postgres
namespace: default
spec:
type: ClusterIP
selector:
app: postgres
tier: core
ports:
- name: port-5432-tcp
port: 5432
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: postgres
tier: core
template:
metadata:
labels:
app: postgres
tier: core
spec:
restartPolicy: Always
terminationGracePeriodSeconds: 30
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: postgres-pvc
- name: postgresql-conf
configMap:
name: postgresql-conf
items:
- key: custom-postgresql.conf
path: postgresql.conf
containers:
- name: postgres
image: postgres:12-alpine
resources:
requests:
memory: 128Mi
cpu: 600m
limits:
memory: 16Gi
cpu: 1500m
readinessProbe:
exec:
command:
- "psql"
- "-w"
- "-U"
- "postgres"
- "-d"
- "postgres"
- "-c"
- "SELECT 1"
initialDelaySeconds: 15
timeoutSeconds: 2
livenessProbe:
exec:
command:
- "psql"
- "-w"
- "postgres"
- "-U"
- "postgres"
- "-d"
- "postgres"
- "-c"
- "SELECT 1"
initialDelaySeconds: 45
timeoutSeconds: 2
imagePullPolicy: IfNotPresent
# this was the problem !!!
# I found the solution here:
command: [ "docker-entrypoint.sh", "-c", "config_file=/etc/postgresql/postgresql.conf" ]
ports:
- containerPort: 5432
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
subPath: postgresql
- name: postgresql-conf
mountPath: /etc/postgresql/postgresql.conf
subPath: postgresql.conf
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: etldatasore-username
key: ETLDATASTORE__USERNAME
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: etldatasore-database
key: ETLDATASTORE__DATABASE
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: etldatasore-password
key: ETLDATASTORE__PASSWORD
您可以申请
kubectl apply -f postgres.yml
转到您的连播并检查应用的设置:
kubectl get pods
kubectl exec -it postgres-548f997646-6vzv2 bash
bash-5.0# su - postgres
postgres-548f997646-6vzv2:~$ psql
postgres=# show config_file;
config_file
---------------------------------
/etc/postgresql/postgresql.conf
(1 row)
postgres=#
# if you want to check all custom settings, do
postgres=# SHOW ALL;
谢谢Muthukumar!!
请自己尝试、验证并分享!!!
当我尝试启动 postgresql 时出现错误:
postgres
postgres does not know where to find the server configuration file.
You must specify the --config-file or -D invocation option or set the PGDATA environment variable.
然后我尝试设置我的配置文件:
postgres -D /usr/local/var/postgres
我收到以下错误:
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": Permission denied
嗯好的。接下来,我尝试以管理员身份执行相同的操作:
sudo postgres -D /usr/local/var/postgres
我收到以下错误:
"root" execution of the PostgreSQL server is not permitted.
The server must be started under an unprivileged user ID to prevent possible system security compromise. See the documentation for more information on how to properly start the server.
我在谷歌上搜索了该错误消息,但找不到解决方案。
谁能对此提供一些见解?
您的命令与您认为的不符。 运行 作为系统用户 postgres:
sudo -u postgres <i>command</i>
到运行命令(也叫postgres!):
sudo -u postgres postgres -D /usr/local/var/postgres
你的命令正好相反:
sudo postgres -D /usr/local/var/postgres
它运行程序postgres作为超级用户root(sudo没有-u开关),Postgres不允许运行 出于安全原因具有超级用户权限。因此出现错误消息。
如果您要 运行 作为系统用户 postgres 执行几个命令,请将用户更改为:
sudo -u postgres -i
... 完成后 exit。
- PostgreSQL error: Fatal: role "username" does not exist
如果您在以系统用户 postgres 身份操作时看到此错误消息,则说明文件或其中一个包含目录的权限有问题。
postgres cannot access the server configuration file "/usr/local/var/postgres/postgresql.conf": Permission denied /usr/local/var/postgres/postgresql.conf
考虑 instruction in the Postgres manual。
还要考虑基于 Debian 的发行版中的包装器 pg_ctl - or pg_ctlcluster。
并且知道su and sudo之间的区别。相关:
- PostgreSQL error: Fatal: role "username" does not exist
对于那些试图 运行 使用官方 docker 图像自定义命令的人,请使用以下命令。 docker-entrypoint.sh 处理切换用户和处理其他权限。
docker-entrypoint.sh -c 'shared_buffers=256MB' -c 'max_connections=200'
Muthukumar 的回答是最好的!!经过一整天的搜索,通过更简单的方法更改我在 Kubernetes 中的 Alpine Postgres 部署,我找到了这个简单的答案。
有我完整的描述。享受它!!
首先,我需要 create/define 具有正确值的 ConfigMap。保存在文件“custom-postgresql.conf”:
# DB Version: 12
# OS Type: linux
# DB Type: oltp
# Total Memory (RAM): 16 GB
# CPUs num: 4
# Connections num: 9999
# Data Storage: ssd
# https://pgtune.leopard.in.ua/#/
# 2020-10-29
listen_addresses = '*'
max_connections = 9999
shared_buffers = 4GB
effective_cache_size = 12GB
maintenance_work_mem = 1GB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
default_statistics_target = 100
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 209kB
min_wal_size = 2GB
max_wal_size = 8GB
max_worker_processes = 4
max_parallel_workers_per_gather = 2
max_parallel_workers = 4
max_parallel_maintenance_workers = 2
创建 Config/Map:
kubectl create configmap custom-postgresql-conf --from-file=custom-postgresql.conf
Please, take care that the values in custom settings are defined according to the Pod resources, mainly by memory and CPU assignments.
有清单(postgres.yml):
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
namespace: default
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 128Gi
---
apiVersion: v1
kind: Service
metadata:
name: postgres
namespace: default
spec:
type: ClusterIP
selector:
app: postgres
tier: core
ports:
- name: port-5432-tcp
port: 5432
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: postgres
tier: core
template:
metadata:
labels:
app: postgres
tier: core
spec:
restartPolicy: Always
terminationGracePeriodSeconds: 30
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: postgres-pvc
- name: postgresql-conf
configMap:
name: postgresql-conf
items:
- key: custom-postgresql.conf
path: postgresql.conf
containers:
- name: postgres
image: postgres:12-alpine
resources:
requests:
memory: 128Mi
cpu: 600m
limits:
memory: 16Gi
cpu: 1500m
readinessProbe:
exec:
command:
- "psql"
- "-w"
- "-U"
- "postgres"
- "-d"
- "postgres"
- "-c"
- "SELECT 1"
initialDelaySeconds: 15
timeoutSeconds: 2
livenessProbe:
exec:
command:
- "psql"
- "-w"
- "postgres"
- "-U"
- "postgres"
- "-d"
- "postgres"
- "-c"
- "SELECT 1"
initialDelaySeconds: 45
timeoutSeconds: 2
imagePullPolicy: IfNotPresent
# this was the problem !!!
# I found the solution here:
command: [ "docker-entrypoint.sh", "-c", "config_file=/etc/postgresql/postgresql.conf" ]
ports:
- containerPort: 5432
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
subPath: postgresql
- name: postgresql-conf
mountPath: /etc/postgresql/postgresql.conf
subPath: postgresql.conf
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: etldatasore-username
key: ETLDATASTORE__USERNAME
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: etldatasore-database
key: ETLDATASTORE__DATABASE
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: etldatasore-password
key: ETLDATASTORE__PASSWORD
您可以申请
kubectl apply -f postgres.yml
转到您的连播并检查应用的设置:
kubectl get pods
kubectl exec -it postgres-548f997646-6vzv2 bash
bash-5.0# su - postgres
postgres-548f997646-6vzv2:~$ psql
postgres=# show config_file;
config_file
---------------------------------
/etc/postgresql/postgresql.conf
(1 row)
postgres=#
# if you want to check all custom settings, do
postgres=# SHOW ALL;
谢谢Muthukumar!!
请自己尝试、验证并分享!!!