Thanks for the help. I ended up removing the postgres user on the puppet
agent machine and directing puppet in the module manifest file to create
the postgres user. And now Exec ["postgres init"] runs properly.
On Tuesday, March 19, 2013 10:30:09 AM UTC-4, Brandon Groves wrote:
>
> I am using Puppet 3.1.0 on a CentOS 6.3 machines. The puppet master and
> puppet agents use CentOS 6.3 as their OS. I have a puppet script (init.pp
> file for the puppet module) that contains the following exec type:
>
> exec { "postgres init":
>
> cwd => "/applications/module",
>
> command => "bash initializePostgres.sh",
>
> user => "postgres",
>
> group => "postgres"
>
> }
>
>
> As the code alludes to, I am directing puppet to initialize a PostgreSQL
> database via a shell script. cwd changes the working directory to the
> module's destination, and the initializePostgres shell script is executed
> as user postgres (belonging to group postgres). The puppet agents OS has a
> user postgres belonging to group postgres.
>
> The shell script contains an initdb command that initializes a postgres
> PGDATA directory, and both have the following permissions:
>
> [root@host]# ls -al initializePostgres.sh
> -rwxr-x---. 1 postgres postgres 2231 Mar 14 18:04 initializePostgres.sh
>
> [root@host]# ls -ald data
> drwxr-xr-x. 2 postgres postgres 4096 Mar 18 17:34 data
>
>
> When Exec ["postgres init"] is ran, /var/log/messages on the the puppet
> agent has several lines printed similar to the following:
> kernel: type=1400 audit(1363697390.681:566): avc: denied { read write }
> for pid=14834 comm="postgres" path="/tmp/puppet20130319-14620-1wpyixh-0"
> dev=dm-0 ino=1702615 scontext=unconf
> ined_u:system_r:postgresql_t:s0
> tcontext=unconfined_u:object_r:initrc_tmp_t:s0 tclass=file
>
> Basically, the messages are complaining that user postgres, via the
> execution of initdb PostrgreSQL command, cannot write files to data, the
> destined PGDATA directory, which has proper permissions as shown above by
> the ls -ald data.
>
> So, the problem is that Exec ["postgres init"] does not run as expected
> because the initdb command in the shell script fails to write files to the
> data directory. All the permissions on the files and directories are
> correct and when I do:
>
> [root@host]# su postgres
>
> bash-4.1$ ./initializePostgres.sh
>
> , the script works correctly without error.
>
> Any help is appreciated.
>
> Thanks,
> Brandon
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
