I am new to the docker ecosystem and I am trying to spin up a simple postgres container along with a volume so it persists its data, by using a yaml composer file. The file is as follows:
# Use postgres/example user/password credentials
version: '3.3'
services:
db:
image: postgres
environment:
POSTGRES_DB: recrow
POSTGRES_USER: recrow
POSTGRES_PASSWORD: recrow_db_1000
PGDATA: /var/lib/pgsql/data/pgdata
volumes:
- ./pgsql/data:/var/lib/pgsql/data/pgdata
However, upon calling docker-compose -f stack.yml up
I get the following error:
fixing permissions on existing directory
/var/lib/postgresql/data/pgdata … initdb: could not change
permissions of directory «/var/lib/postgresql/data/pgdata»: Operation
not permitted
/var/lib/pgsql/data/pgdata
is supposed to be a directory relative to the container’s root, while ./pgsql/data
is a path on the host. I am running the container from an ntfs-3g partition mounted on /mnt/storage
. What could be the problem? I am also running docker without root permissions, by adding my user to the docker group and this user also has full access to the beforementioned mount point /mnt/storage
.
asked Jul 3, 2017 at 4:59
Following off of @liam-mitchell’s note above, that is the answer. Use named volumes such like the following:
services:
db:
image: postgres:12-alpine
volumes:
- "postgres:/data/postgres"
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- PGDATA=/data/postgres
...
volumes:
postgres:
answered Aug 19, 2020 at 22:15
CGuessCGuess
3955 silver badges9 bronze badges
I work with OpenShift and had the same problem to run this official image from Docker Hub.
In my case, the solution was to use the official postgres image from red hat repository, the image from red hat repository has fixed this problem, this is can be an alternative.
answered Apr 1, 2021 at 13:01
1
I had the same issue with docker on WSL2. Setting the :Z flag for the mount and not mounting to a Windows file system directory (/mnt/*
) but a linux directory (/home/*
) worked for me.
my compose:
version: '3.3'
services:
postgres:
container_name: dbs2-postgres
environment:
- POSTGRES_PASSWORD=mysecretpassword
- PGDATA=/var/lib/postgresql/data/pgdata
volumes:
- './data:/var/lib/postgresql/data:Z'
image: postgres
answered Dec 2, 2022 at 8:20
Torben ETorben E
1931 silver badge12 bronze badges
I am new to the docker ecosystem and I am trying to spin up a simple postgres container along with a volume so it persists its data, by using a yaml composer file. The file is as follows:
# Use postgres/example user/password credentials
version: '3.3'
services:
db:
image: postgres
environment:
POSTGRES_DB: recrow
POSTGRES_USER: recrow
POSTGRES_PASSWORD: recrow_db_1000
PGDATA: /var/lib/pgsql/data/pgdata
volumes:
- ./pgsql/data:/var/lib/pgsql/data/pgdata
However, upon calling docker-compose -f stack.yml up
I get the following error:
fixing permissions on existing directory
/var/lib/postgresql/data/pgdata … initdb: could not change
permissions of directory «/var/lib/postgresql/data/pgdata»: Operation
not permitted
/var/lib/pgsql/data/pgdata
is supposed to be a directory relative to the container’s root, while ./pgsql/data
is a path on the host. I am running the container from an ntfs-3g partition mounted on /mnt/storage
. What could be the problem? I am also running docker without root permissions, by adding my user to the docker group and this user also has full access to the beforementioned mount point /mnt/storage
.
asked Jul 3, 2017 at 4:59
Following off of @liam-mitchell’s note above, that is the answer. Use named volumes such like the following:
services:
db:
image: postgres:12-alpine
volumes:
- "postgres:/data/postgres"
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- PGDATA=/data/postgres
...
volumes:
postgres:
answered Aug 19, 2020 at 22:15
CGuessCGuess
3955 silver badges9 bronze badges
I work with OpenShift and had the same problem to run this official image from Docker Hub.
In my case, the solution was to use the official postgres image from red hat repository, the image from red hat repository has fixed this problem, this is can be an alternative.
answered Apr 1, 2021 at 13:01
1
I had the same issue with docker on WSL2. Setting the :Z flag for the mount and not mounting to a Windows file system directory (/mnt/*
) but a linux directory (/home/*
) worked for me.
my compose:
version: '3.3'
services:
postgres:
container_name: dbs2-postgres
environment:
- POSTGRES_PASSWORD=mysecretpassword
- PGDATA=/var/lib/postgresql/data/pgdata
volumes:
- './data:/var/lib/postgresql/data:Z'
image: postgres
answered Dec 2, 2022 at 8:20
Torben ETorben E
1931 silver badge12 bronze badges
I’m trying to run a docker image with PostgreSQL that has a volume configured for persisting data.
docker-compose.yml
version: '3.1'
services:
db:
image: postgres
restart: always
volumes:
- ./data:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: example
When I start the container I see the output
fixing permissions on existing directory /var/lib/postgresql/data … ok
and the data folder is no longer readable for me.
If I elevate myself and access the data directory I can see that the files are there. Furthermore, the command ls -ld data
gives me
drwx------ 19 systemd-coredump root 4096 May 17 16:22 data
I can manually set the directory permission with sudo chmod 755 data
, but that only works until I restart the container.
Why does this happen, and how can I fix it?
Solution
The other answer indeed points to the root cause of the problem, however the help page it points to does not contain a solution. Here is what I came up with to make this work for me:
- start the container using your normal docker-compose file, this creates the directory with the hardcoded uid:gid (999:999)
version: '3.7'
services:
db:
image: postgres
container_name: postgres
volumes:
- ./data:/var/lib/postgresql/data
environment:
POSTGRES_USER: fake_database_user
POSTGRES_PASSWORD: fake_database_PASSWORD
- stop the container and manually change the ownership to uid:gid you want (I’ll use 1000:1000 for this example
$ docker stop postgres
$ sudo chown -R 1000:1000 ./data
- Edit your docker file to add your desired uid:gid and start it up again using docker-compose (notice the
user:
)
version: '3.7'
services:
db:
image: postgres
container_name: postgres
volumes:
- ./data:/var/lib/postgresql/data
user: 1000:1000
environment:
POSTGRES_USER: fake_database_user
POSTGRES_PASSWORD: fake_database_password
The reason you can’t just use user:
from the start is that if the image runs as a different user it fails to create the data files.
On the image documentation page, it does mention a solution to add a volume to expose the /etc/passwd
file as read-only in the image when providing --user
option, however, that did not work for me with the latest image, as I was getting the following error. In fact none of the three proposed solutions worked for me.
initdb: error: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted
Answered By — Plazgoth
Answer Checked By — Robin (WPSolving Admin)
Не разворачивается контейнер, ловлю ошибку от postgres: initdb: could not change permissions of directory «/var/lib/postgresql/data»: Operation not permitted
Та же ситуация происходила и на Ubuntu 16/17/18
Текущий: Deepin 15.5 (debian)
-
Вопрос заданболее трёх лет назад
-
2023 просмотра
Пригласить эксперта
Видимо роскомпозор заблокировал и гугл переводчик. Очевидно нет прав на директорию.
Разберитесь где эта директория(в томе контейнера или прокидывается с хоста) и почему нет прав на нее.
Директория /var/lib/postgresql/data через volumes не прокидывается наружу?
-
Показать ещё
Загружается…
09 февр. 2023, в 23:00
1500 руб./за проект
09 февр. 2023, в 22:06
500 руб./за проект
09 февр. 2023, в 22:01
50000 руб./за проект
Минуточку внимания
These are pretty much the steps I have followed in order. Basically what is outlined in the documentation:
https://docs.microsoft.com/en-us/azure/aks/azure-files-dynamic-pv
azure-storage-claim.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: test-app-sc
provisioner: kubernetes.io/azure-file
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=1000
- gid=1000
- mfsymlinks
- nobrl
- cache=none
parameters:
skuName: Standard_LRS
location: westus
azure-storage.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: test-app-storage
spec:
accessModes:
- ReadWriteMany
storageClassName: test-app-sc
resources:
requests:
storage: 15Gi<br>
PVC is now setup.
Changed the mountPath per the Postgres image documentation:
PGDATA
This optional variable can be used to define another location — like a subdirectory — for the database files. The default is /var/lib/postgresql/data, but if the data volume you’re using is a filesystem mountpoint (like with GCE persistent disks), Postgres initdb recommends a subdirectory (for example /var/lib/postgresql/data/pgdata ) be created to contain the data.
This is an environment variable that is not Docker specific. Because the variable is used by the postgres server binary (see the PostgreSQL docs), the entrypoint script takes it into account.
Based on that, I have my postgres.yaml
setup like the following:
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-deployment
spec:
replicas: 1
selector:
matchLabels:
component: postgres
template:
metadata:
labels:
component: postgres
spec:
containers:
- name: postgres
image: postgres
# I don't know, someone suggested this, but doesn't work apparently
securityContext:
runAsUser: 0
ports:
- containerPort: 5432
env:
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: test-app-secrets
key: PGDATABASE
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: test-app-secrets
key: PGUSER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: test-app-secrets
key: PGPASSWORD
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data/pgdata
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
---
apiVersion: v1
kind: Service
metadata:
name: postgres-cluster-ip-service
spec:
type: ClusterIP
selector:
component: postgres
ports:
- port: 1423
targetPort: 5432
You get the error:
chmod: changing permissions of '/var/lib/postgresql/data/pgdata': Operation not permitted
So with either of that as the Dockerfile:
FROM postgres:11-alpine
EXPOSE 5432
RUN /bin/bash -c 'chmod 777 /var/lib/postgresql/data'
RUN /bin/bash -c 'chmod 777 /var/lib/postgresql/data/pgdata'
Or
FROM postgres:11-alpine
EXPOSE 5432
It doesn’t really matter, you still get the same type of error by doing any the following:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data/pgdata
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...<br>
Results in the following error:
The files belonging to this database system will be owned by user "postgres". This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8". The default database encoding has accordingly been set to "UTF8". The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: error: directory "/var/lib/postgresql/data" exists but is not empty If you want to create a new database system, either remove or empty the directory "/var/lib/postgresql/data" or run initdb with an argument other than "/var/lib/postgresql/data".
Try this:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
And it results in this:
chmod: changing permissions of '/var/lib/postgresql/data': Operation not permitted
Try this:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
value: "-D /var/lib/postgresql/data/pgdata"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data/pgdata
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
And it results in this:
The files belonging to this database system will be owned by user "postgres". This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8". The default database encoding has accordingly been set to "UTF8". The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: error: could not change permissions of directory "/var/lib/postgresql/data/pgdata": Operation not permitted fixing permissions on existing directory /var/lib/postgresql/data/pgdata ...
So nothing seems to work that I've tried and following the documentation where I can.
Someone suggested to get rid of the volume mounts like so:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
Which, hey, that actually works! But doesn’t persist data given it just uses the Pod storage so is pretty pointless:
And sure enough when you create a table in Postgres, destroy the Pod, and then redeploy it, of course the table is no longer there.
So more than likely I’m doing something wrong, but I’ve been following the documentation and seems like this should work.
Where are things going wrong?
EDIT: Permissions in Pod
Apparently it is a permissions issue that occurs when PGDATA
is the same directory as mountPath
. For example:
...
- name: PGDATA
value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql-data
subPath: postgres-storage
...
or
...
# if PGDATA is not specified it defaults to /var/lib/postgresql/data
# - name: PGDATA
# value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql/data
subPath: postgres-storage
...
Something like this where they do not match will create the Pod, but uses Pod storage which I obviously don’t want:
# Thus /var/lib/postgresql/data
# - name: PGDATA
# value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql-data
subPath: postgres-storage
Permissions ls -l
looks like this:
$ ls -l
drwxr-xr-x 1 root root 4096 Feb 2 06:06 apt
drwxr-xr-x 1 root root 4096 Feb 2 06:07 dpkg
drwxr-xr-x 2 root root 4096 Feb 2 06:06 exim4
drwxr-xr-x 2 root root 4096 Aug 28 2018 logrotate
drwxr-xr-x 2 root root 4096 Nov 10 12:17 misc
drwxr-xr-x 2 root root 4096 Jan 30 00:00 pam
drwxr-xr-x 1 postgres postgres 4096 Feb 2 06:07 postgresql
drwxrwxrwx 2 1000 1000 0 Jan 31 21:46 postgresql-data
drwxr-xr-x 1 root root 4096 Jan 30 00:00 systemd
drwxr-xr-x 3 root root 4096 Feb 2 06:07 ucf
$ ls -l postgresql && ls -l postgresql/data && ls -l postgresql-data
total 4
drwx------ 19 postgres postgres 4096 Feb 5 23:28 data
total 124
drwx------ 6 postgres postgres 4096 Feb 5 23:28 base
drwx------ 2 postgres postgres 4096 Feb 5 23:29 global
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_commit_ts
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_dynshmem
-rw------- 1 postgres postgres 4281 Feb 5 23:28 pg_hba.conf
-rw------- 1 postgres postgres 1636 Feb 5 23:28 pg_ident.conf
drwx------ 4 postgres postgres 4096 Feb 5 23:33 pg_logical
drwx------ 4 postgres postgres 4096 Feb 5 23:28 pg_multixact
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_notify
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_replslot
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_serial
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_snapshots
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_stat
drwx------ 2 postgres postgres 4096 Feb 5 23:51 pg_stat_tmp
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_subtrans
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_tblspc
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_twophase
-rw------- 1 postgres postgres 3 Feb 5 23:28 PG_VERSION
drwx------ 3 postgres postgres 4096 Feb 5 23:28 pg_wal
drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_xact
-rw------- 1 postgres postgres 88 Feb 5 23:28 postgresql.auto.conf
-rw------- 1 postgres postgres 26588 Feb 5 23:28 postgresql.conf
-rw------- 1 postgres postgres 36 Feb 5 23:28 postmaster.opts
-rw------- 1 postgres postgres 94 Feb 5 23:28 postmaster.pid
total 0
The permissions for where it creates the data files is postgres
. However, doing this, it doesn’t map to Azure Files and the PVC. It just stays and is destroyed with the Pod.
I think what is happening is mountPath
uses root
and PGDATA
uses postgres
, and somehow mountPath
is trying to use postgres
???
Really, not sure and still lost as to how to resolve it.
EDIT2
Came across this answer:
https://stackoverflow.com/a/51203031/3123109
So added the following to mine:
- name: postgres
image: postgres
command:
- /bin/chown
- -R
- "1000"
- /var/lib/postgresql/data
But this generates a new error:
The selected container has not logged any messages yet.
Progress, I guess.
#postgresql #docker #docker-compose #wsl-2
Вопрос:
У меня проблема с docker-compose PostgreSQL, я работаю на рабочем столе Windows WSL 2 Docker. Когда я запускаю docker-compose на сервере linux, он работает хорошо, но когда я пытаюсь запустить его локально, я получаю следующую ошибку:
postgres | chmod: changing permissions of '/var/lib/postgresql/data': Operation not permitted
ngnix | 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist
postgres | The files belonging to this database system will be owned by user "postgres".
postgres | This user must also own the server process.
postgres |
postgres | The database cluster will be initialized with locale "en_US.utf8".
postgres | The default database encoding has accordingly been set to "UTF8".
postgres | The default text search configuration will be set to "english".
postgres |
postgres | Data page checksums are disabled.
postgres |
ngnix | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
ngnix | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
postgres | fixing permissions on existing directory /var/lib/postgresql/data ... initdb: error: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted
ngnix | /docker-entrypoint.sh: Configuration complete; ready for start up
postgres exited with code 1
Я пытался изменить разрешение на весь проект, как это => chmod 777 -R project_folder
Dcoker-составьте.yml:
postgresdb:
container_name: postgres
build:
context: ./docker/postgres
dockerfile: Dockerfile
environment:
- POSTGRES_PASSWORD=password123
volumes:
- ./docker/postgres/init.sql:/docker-entrypoint-initdb.d/init.sql
- ./postgres-data:/var/lib/postgresql/data
ports:
- "5432:5432"
Никаких идей, как это решить. Помогите мне, пожалуйста!
Комментарии:
1. Есть ли какая-либо причина, по которой вы не используете тома Docker для каталога данных вместо относительного пути?
2. У меня нет причин, я новичок в системах докеров 🙂
3. Вы работаете в WSL (который является Linux). Попробуйте открыть каталог ./postgres_data с помощью команды: chmod 777 ./postgres_data. И перезапустите файл создания.
Ответ №1:
Поэтому я предполагаю, что, поскольку вы монтируете каталог относительно файла docker-compose в качестве каталога «данные» в WSL, возникает ошибка разрешения. Вы можете попытаться исправить эти разрешения (chmod, chown и т. Д. В локальном каталоге).
Вы также можете использовать «именованные» тома, что также должно устранить проблему с разрешениями.
# docker-compose.yml
services:
# ...
db:
image: postgres:latest
volumes:
- "dbdata:/var/lib/postgresql/data"
volumes:
dbdata:
These are pretty much the steps I have followed in order. Basically what is outlined in the documentation:
https://docs.microsoft.com/en-us/azure/aks/azure-files-dynamic-pv
-
azure-storage-claim.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: test-app-sc
provisioner: kubernetes.io/azure-file
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=1000
- gid=1000
- mfsymlinks
- nobrl
- cache=none
parameters:
skuName: Standard_LRS
location: westus
-
azure-storage.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: test-app-storage
spec:
accessModes:
- ReadWriteMany
storageClassName: test-app-sc
resources:
requests:
storage: 15Gi<br>
PVC is now setup.
Changed the mountPath per the Postgres image documentation:
PGDATA
This optional variable can be used to define another location — like a subdirectory — for the database files. The default is /var/lib/postgresql/data, but if the data volume you’re using is a filesystem mountpoint (like with GCE persistent disks), Postgres
initdb recommends a subdirectory (for example /var/lib/postgresql/data/pgdata ) be created to contain the data.This is an environment variable that is not Docker specific. Because the variable is used by the postgres server binary (see the PostgreSQL docs), the entrypoint script takes it into account.
Based on that, I have my postgres.yaml
setup
like the following:
apiVersion: apps/v1 kind: Deployment metadata: name: postgres-deployment spec: replicas: 1 selector: matchLabels: component: postgres template: metadata: labels: component: postgres spec: containers: - name: postgres image: postgres # I don't know, someone suggested this, but doesn't work apparently securityContext: runAsUser: 0 ports: - containerPort: 5432 env: - name: POSTGRES_DB valueFrom: secretKeyRef: name: test-app-secrets key: PGDATABASE - name: POSTGRES_USER valueFrom: secretKeyRef: name: test-app-secrets key: PGUSER - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: test-app-secrets key: PGPASSWORD - name: POSTGRES_INITDB_ARGS value: "-A md5" - name: PGDATA value: /var/lib/postgresql/data/pgdata volumeMounts: - name: postgres-storage mountPath: /var/lib/postgresql/data/pgdata subPath: postgres-storage volumes: - name: postgres-storage persistentVolumeClaim: claimName: test-app-storage --- apiVersion: v1 kind: Service metadata: name: postgres-cluster-ip-service spec: type: ClusterIP selector: component: postgres ports: - port: 1423 targetPort: 5432
You get the error:
chmod: changing permissions of '/var/lib/postgresql/data/pgdata': Operation not permitted
So with either of that as the Dockerfile:
FROM postgres:11-alpine
EXPOSE 5432
RUN /bin/bash -c 'chmod 777 /var/lib/postgresql/data'
RUN /bin/bash -c 'chmod 777 /var/lib/postgresql/data/pgdata'
Or
FROM postgres:11-alpine
EXPOSE 5432
It doesn’t really matter, you still get the same type of error by doing any the following:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data/pgdata
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...<br>
Results in the following error:
The files belonging to this database system will be owned by user "postgres". This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8". The default database encoding has accordingly been set to "UTF8". The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: error: directory "/var/lib/postgresql/data" exists but is not empty If you want to create a new database system, either remove or empty the directory "/var/lib/postgresql/data" or run initdb with an argument other than "/var/lib/postgresql/data".
Try this:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
And it results in this:
chmod: changing permissions of '/var/lib/postgresql/data': Operation not permitted
Try this:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
value: "-D /var/lib/postgresql/data/pgdata"
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data/pgdata
subPath: postgres-storage
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
And it results in this:
The files belonging to this database system will be owned by user "postgres". This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8". The default database encoding has accordingly been set to "UTF8". The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: error: could not change permissions of directory "/var/lib/postgresql/data/pgdata": Operation not permitted fixing permissions on existing directory /var/lib/postgresql/data/pgdata ...
So nothing seems to work that I've tried and following the documentation where I can.
Someone suggested to get rid of the volume mounts like so:
...
- name: POSTGRES_INITDB_ARGS
value: "-A md5"
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: test-app-storage
...
Which, hey, that actually works! But doesn’t persist data given it just uses the Pod storage so is pretty pointless:
And sure enough when you create a table in Postgres, destroy the Pod, and then redeploy it, of course the table is no longer there.
So more than likely I’m doing something wrong, but I’ve been following the documentation and seems like this should work.
Where are things going wrong?
EDIT: Permissions in Pod
Apparently it is a permissions issue that occurs when PGDATA
is
the same directory as mountPath
.
For example:
...
- name: PGDATA
value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql-data
subPath: postgres-storage
...
or
...
# if PGDATA is not specified it defaults to /var/lib/postgresql/data
# - name: PGDATA
# value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql/data
subPath: postgres-storage
...
Something like this where they do not match will create the Pod, but uses Pod storage which I obviously don’t want:
# Thus /var/lib/postgresql/data
# - name: PGDATA
# value: /var/lib/postgresql-data
volumeMounts:
- name: test-app-storage
mountPath: /var/lib/postgresql-data
subPath: postgres-storage
Permissions ls
looks like this:
-l
$ ls -l drwxr-xr-x 1 root root 4096 Feb 2 06:06 apt drwxr-xr-x 1 root root 4096 Feb 2 06:07 dpkg drwxr-xr-x 2 root root 4096 Feb 2 06:06 exim4 drwxr-xr-x 2 root root 4096 Aug 28 2018 logrotate drwxr-xr-x 2 root root 4096 Nov 10 12:17 misc drwxr-xr-x 2 root root 4096 Jan 30 00:00 pam drwxr-xr-x 1 postgres postgres 4096 Feb 2 06:07 postgresql drwxrwxrwx 2 1000 1000 0 Jan 31 21:46 postgresql-data drwxr-xr-x 1 root root 4096 Jan 30 00:00 systemd drwxr-xr-x 3 root root 4096 Feb 2 06:07 ucf $ ls -l postgresql && ls -l postgresql/data && ls -l postgresql-data total 4 drwx------ 19 postgres postgres 4096 Feb 5 23:28 data total 124 drwx------ 6 postgres postgres 4096 Feb 5 23:28 base drwx------ 2 postgres postgres 4096 Feb 5 23:29 global drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_commit_ts drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_dynshmem -rw------- 1 postgres postgres 4281 Feb 5 23:28 pg_hba.conf -rw------- 1 postgres postgres 1636 Feb 5 23:28 pg_ident.conf drwx------ 4 postgres postgres 4096 Feb 5 23:33 pg_logical drwx------ 4 postgres postgres 4096 Feb 5 23:28 pg_multixact drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_notify drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_replslot drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_serial drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_snapshots drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_stat drwx------ 2 postgres postgres 4096 Feb 5 23:51 pg_stat_tmp drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_subtrans drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_tblspc drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_twophase -rw------- 1 postgres postgres 3 Feb 5 23:28 PG_VERSION drwx------ 3 postgres postgres 4096 Feb 5 23:28 pg_wal drwx------ 2 postgres postgres 4096 Feb 5 23:28 pg_xact -rw------- 1 postgres postgres 88 Feb 5 23:28 postgresql.auto.conf -rw------- 1 postgres postgres 26588 Feb 5 23:28 postgresql.conf -rw------- 1 postgres postgres 36 Feb 5 23:28 postmaster.opts -rw------- 1 postgres postgres 94 Feb 5 23:28 postmaster.pid total 0
The permissions for where it creates the data files is postgres
.
However, doing this, it doesn’t map to Azure Files and the PVC. It just stays and is destroyed with the Pod.
I think what is happening is mountPath
uses root
and PGDATA
uses postgres
,
and somehow mountPath
is
trying to use postgres
???
Really, not sure and still lost as to how to resolve it.
EDIT2
Came across this answer:
https://stackoverflow.com/a/51203031/3123109
So added the following to mine:
- name: postgres
image: postgres
command:
- /bin/chown
- -R
- "1000"
- /var/lib/postgresql/data
But this generates a new error:
The selected container has not logged any messages yet.
Progress, I guess.
Содержание
- Permission denied error for initdb
- /docker-entrypoint-initdb.d/: Permission denied #722
- Comments
- movmarcos commented Apr 29, 2020
- In db folder «Dockerfile»
- «docker-compose.yml»
- initdb: could not create directory «/var/lib/postgresql/9.4/main»: Permission denied #34
- Comments
- mrh666 commented Jul 11, 2015
- sameersbn commented Jul 11, 2015
- mrh666 commented Jul 11, 2015
- sameersbn commented Jul 12, 2015
- divmgl commented Jan 27, 2016
- mrh666 commented Jan 27, 2016
- divmgl commented Jan 27, 2016
- mrh666 commented Jan 28, 2016
- Sapphire64 commented Apr 3, 2016
- initdb: could not change permissions of directory «/var/lib/postgresql/data»: Operation not permitted #563
- Comments
- lluck42 commented Mar 26, 2019 •
- wglambert commented Mar 26, 2019
- lluck42 commented Mar 28, 2019
- tianon commented Apr 4, 2019
- Footer
- initdb: could not change permissions of directory «/var/lib/postgresql/data»: Operation not permitted #563
- Comments
- lluck42 commented Mar 26, 2019 •
- wglambert commented Mar 26, 2019
- lluck42 commented Mar 28, 2019
- tianon commented Apr 4, 2019
- Footer
Permission denied error for initdb
From: | Tom Dron |
---|---|
To: | pgsql-novice(at)postgresql(dot)org |
Subject: | Permission denied error for initdb |
Date: | 2016-11-23 07:00:54 |
Message-ID: | CADQ-uoa-RFNb9Ky+SNCyVnTRAwtdtFt2EmxPOu65Hie181pknA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
I’m trying to use PostgreSQL on a sever running Debian without root access.
I’ve installed it locally to
/.local, however when I run initdb I get the
following:
/.local/data
The files belonging to this database system will be owned by user «fbbgsa».
This user must also own the server process.
The database cluster will be initialized with locale «en_US.UTF-8».
The default database encoding has accordingly been set to «UTF8».
The default text search configuration will be set to «english».
Data page checksums are disabled.
fixing permissions on existing directory /home/.local/data . ok
creating subdirectories . ok
selecting default max_connections . 10
selecting default shared_buffers . 400kB
creating configuration files . ok
creating template1 database in /home/.local/data/base/1 . FATAL:
shmat(id=18808835) failed: Permission denied
child process exited with exit code 1
initdb: removing contents of data directory «/home/.local/data»
dt tells me that shared memory is mounted in /dev/shm, which is entirely
empty, and ipcs also displays nothing. I’m also unable to run strace to see
what initdb is doing. Is there perhaps a setting related to shared memory
that I can change, or another way to see more information about what’s
going on with shmat?
Источник
/docker-entrypoint-initdb.d/: Permission denied #722
Hi,
I am trying to build Postgres container, but I am having a issue with permissions.
I could build the container in my local test environments running Docker on Windows and Ubuntu, but running the same code in the Linux server I’am having the permission issue /docker-entrypoint-initdb.d/: Permission denied.
Could be some server setup issue?
Log:
»
fixing permissions on existing directory /var/lib/postgresql/data . ok
creating subdirectories . ok
selecting default max_connections . 100
selecting default shared_buffers . 128MB
selecting dynamic shared memory implementation . posix
creating configuration files . ok
running bootstrap script . ok
performing post-bootstrap initialization . sh: locale: not found
2020-04-29 11:15:57.554 UTC [26] WARNING: no usable system locales were found
ok
syncing data to disk . ok
Success. You can now start the database server using:
WARNING: enabling «trust» authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
—auth-local and —auth-host, the next time you run initdb.
waiting for server to start. 2020-04-29 11:15:58.027 UTC [30] LOG: listening on Unix socket «/var/run/postgresql/.s.PGSQL.5432»
2020-04-29 11:15:58.043 UTC [31] LOG: database system was shut down at 2020-04-29 11:15:57 UTC
2020-04-29 11:15:58.045 UTC [30] LOG: database system is ready to accept connections
done
server started
CREATE DATABASE
/usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/00-database.sql
/docker-entrypoint-initdb.d/00-database.sql: Permission denied
«
In db folder
«Dockerfile»
FROM postgres:11.0-alpine
COPY ./init/ /docker-entrypoint-initdb.d/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
In /init/ folder inside db I have few sql scripts
«docker-compose.yml»
version: «3.1»
services:
db:
container_name: mobydq-db
restart: always
image: mobydq-db
build:
context: ./db
volumes:
— db:/var/lib/postgresql/data
env_file:
— ./.env
networks:
— network
The text was updated successfully, but these errors were encountered:
Источник
initdb: could not create directory «/var/lib/postgresql/9.4/main»: Permission denied #34
Can’t start postgres container on Mac OS, docker 1.6.2:
Any idea how can I fix it or apply some workaround?
The text was updated successfully, but these errors were encountered:
@mrh666 I think this is has something to do with shared folders on a vm. This is a very common issue. Please take a look a bitnami/bitnami-docker-mariadb#13, you might find some pointers in there.
@sameersbn I use boot2docker, not a Vagrant. But anyway issue the same. I moved to docker 1.7. Trying different directories: /opt/postgres, /tmp/postgres. Same issues. Any kind of directory permissions, privileged mode doesn’t help.
Some other ideas?
@mrh666 this is the only suggestion I can give 😄 #22 (comment)
Did you have any luck resolving this issue?
Nope. You can’t have ext2/3/4 fs on Mac.
@mrh666 I ended up having to create a Docker volume. I’ll likely switch to a data-only container today. Pretty annoying.
divmgl, right. I believe this is only solution.
Had the same issue for one simple reason: I had a docker machine with volume mounted to a vagrant folder. That vagrant folder was actually mounted to vagrant linux machine from OSX host machine. I just changed docker’s volume to point to random folder which is not mounted from OSX and it solved my problem.
Источник
initdb: could not change permissions of directory «/var/lib/postgresql/data»: Operation not permitted #563
window 10 hyperv
use minikube
The text was updated successfully, but these errors were encountered:
A Kubernetes persistent volume uses NFS, so ensure you have proper permissions set for the user in the container (which is postgres).
I think this comment is what you’re looking for
#361 (comment)
There might also be an issue with Minikube and mounting host folders, although in this instance I’m not sure since you’re using hyper-v
#560 (comment)
you see, install postgres is one-step operate, but if use docker , i face the problem in ‘postgres/data’,
I try to search a way to across the trouble. but, It seems to have failed. I cannot but go back to the mysql docke.
I’m sorry you’re having issues, but this is really not the right place to look for support. For help figuring out what’s going on with your environment/setup, I’d recommend trying the Docker Community Forums, the Docker Community Slack, or Stack Overflow.
© 2022 GitHub, Inc.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Источник
initdb: could not change permissions of directory «/var/lib/postgresql/data»: Operation not permitted #563
window 10 hyperv
use minikube
The text was updated successfully, but these errors were encountered:
A Kubernetes persistent volume uses NFS, so ensure you have proper permissions set for the user in the container (which is postgres).
I think this comment is what you’re looking for
#361 (comment)
There might also be an issue with Minikube and mounting host folders, although in this instance I’m not sure since you’re using hyper-v
#560 (comment)
you see, install postgres is one-step operate, but if use docker , i face the problem in ‘postgres/data’,
I try to search a way to across the trouble. but, It seems to have failed. I cannot but go back to the mysql docke.
I’m sorry you’re having issues, but this is really not the right place to look for support. For help figuring out what’s going on with your environment/setup, I’d recommend trying the Docker Community Forums, the Docker Community Slack, or Stack Overflow.
© 2022 GitHub, Inc.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Источник