On Mon, 2022-10-31 at 22:03 -0700, Bryn Llewellyn wrote: > I followed Peter's recommendation NOT to put my "clstr_mgr" O/S user in the > "postgres" > group—having earlier had it there. But doing so brought this content-free > error message > on an attempt to authorize using the intended method: > > Error: Invalid data directory for cluster 11 main
That*s a message from the *server*, which always runs under the same OS user. > A bit of Googling got me to this on the pgsql-general list (from the Peter, > in fact): > > https://www.postgresql.org/message-id/20190909171519.GA7858%40hjp.at > > on that very topic. > > It seems that the error message is simply misleading and that it should read > "Cannot read > the config_file, hba_file, or ident_file" — as they are named in this query's > output": > > select name, setting > from pg_settings > where category = 'File Locations'; > > Sure enough, neither my hba_file nor my ident_file were readable by "all" > (but they were > readable by "group"). However, the config_file was readable by "all". I've no > idea what > the history of those permissions is. Maybe I changed something along the way. > I s'pose > that I'd better regard my present installation as a dress rehearsal and > simply redo it > starting by restoring my "bare" Linux VM from file backup. > > Anyway, just to prove the point, I chmod'd my hba_file and my ident_file to > make them > readable by all. And the silly error message went away. > > However, that feels wrong to me. It would seem proper to put any user who you > want to > set up for "local", "peer" authentication into the "postgres" group. > > What do you (all) think? I think that you are doing something very weird, but I have no idea what it is. Please tell us the exact commands you ran. The client user should *never* read the PostgreSQL configuration files, so if changing the permissions (which you should *never* do) has an effect, you must be doing something very strange, like trying to start the database server with the wrong user. Yours, Laurenz Albe -- Cybertec | https://www.cybertec-postgresql.com
