postgres-operator icon indicating copy to clipboard operation
postgres-operator copied to clipboard
verified publisher icon CrunchyData

pgAdmin pod with wrong permissions

Open danielbichuetti opened this issue 3 years ago • 0 comments

Overview

When deploying a new cluster, setting user custom password ( Secret Patch ), and trying to access pgAdmin it fails.

This is not related to tagging with @pgo. I log in on the pod and on sqlite it's there the user. Then when reading error_log I found:

[Thu Aug 04 21:13:33.859786 2022] [core:notice] [pid 18:tid 140317043461568] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Thu Aug 04 21:15:36.684441 2022] [wsgi:error] [pid 20:tid 140316632700672] WARNING: Failed to set ACL on the directory containing the configuration database:
[Thu Aug 04 21:15:36.684479 2022] [wsgi:error] [pid 20:tid 140316632700672]            [Errno 1] Operation not permitted: '/var/lib/pgadmin'
[Thu Aug 04 21:15:36.684485 2022] [wsgi:error] [pid 20:tid 140316632700672] 
[Thu Aug 04 21:15:36.684536 2022] [wsgi:error] [pid 20:tid 140316632700672] HINT   : You may need to manually set the permissions on
[Thu Aug 04 21:15:36.684541 2022] [wsgi:error] [pid 20:tid 140316632700672]          /var/lib/pgadmin to allow daemon to write to it.
[Thu Aug 04 21:15:36.684545 2022] [wsgi:error] [pid 20:tid 140316632700672]

Environment

Please provide the following details:

  • Platform: EKS
  • Platform Version: (e.g. 1.20.3, 4.7.0)
  • PGO Image Tag: ubi8-5.1.2
  • Postgres Version 14
  • Storage: gp2

Steps to Reproduce

REPRO

Provide steps to get to the error condition:

  1. Run default pgo install, create one user on spec.users
  2. Patch the user password
  3. Try to login using the interface

EXPECTED

Custom user with custom password should be able to login on pgAdmin interface

ACTUAL

User can't login and pgAdmin throw an error that httpd has no permission on the database config. directory.

User can login on cluster if not using the interface.

Logs

[Thu Aug 04 21:13:33.859786 2022] [core:notice] [pid 18:tid 140317043461568] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Thu Aug 04 21:15:36.684441 2022] [wsgi:error] [pid 20:tid 140316632700672] WARNING: Failed to set ACL on the directory containing the configuration database:
[Thu Aug 04 21:15:36.684479 2022] [wsgi:error] [pid 20:tid 140316632700672]            [Errno 1] Operation not permitted: '/var/lib/pgadmin'
[Thu Aug 04 21:15:36.684485 2022] [wsgi:error] [pid 20:tid 140316632700672] 
[Thu Aug 04 21:15:36.684536 2022] [wsgi:error] [pid 20:tid 140316632700672] HINT   : You may need to manually set the permissions on
[Thu Aug 04 21:15:36.684541 2022] [wsgi:error] [pid 20:tid 140316632700672]          /var/lib/pgadmin to allow daemon to write to it.
[Thu Aug 04 21:15:36.684545 2022] [wsgi:error] [pid 20:tid 140316632700672]

drwxrwsr-x 5 root postgres 4096 Aug 4 21:13 pgadmin

danielbichuetti avatar Aug 04 '22 21:08 danielbichuetti