On Mon, 2022-10-31 at 22:03 -0700, Bryn Llewellyn wrote:
> I followed Peter's recommendation NOT to put my "clstr_mgr" O/S user in the "postgres"
> group—having earlier had it there. But doing so brought this content-free error message
> on an attempt to authorize using the intended method:
>
> Error: Invalid data directory for cluster 11 main
That*s a message from the *server*, which always runs under the same OS user.
> A bit of Googling got me to this on the pgsql-general list (from the Peter, in fact):
>
> https://www.postgresql.org/message-id/20190909171519.GA7858%40hjp.at
>
> on that very topic.
>
> It seems that the error message is simply misleading and that it should read "Cannot read
> the config_file, hba_file, or ident_file" — as they are named in this query's output":
>
> select name, setting
> from pg_settings
> where category = 'File Locations';
>
> Sure enough, neither my hba_file nor my ident_file were readable by "all" (but they were
> readable by "group"). However, the config_file was readable by "all". I've no idea what
> the history of those permissions is. Maybe I changed something along the way. I s'pose
> that I'd better regard my present installation as a dress rehearsal and simply redo it
> starting by restoring my "bare" Linux VM from file backup.
>
> Anyway, just to prove the point, I chmod'd my hba_file and my ident_file to make them
> readable by all. And the silly error message went away.
>
> However, that feels wrong to me. It would seem proper to put any user who you want to
> set up for "local", "peer" authentication into the "postgres" group.
>
> What do you (all) think?
I think that you are doing something very weird, but I have no idea what it is.
Please tell us the exact commands you ran.
The client user should *never* read the PostgreSQL configuration files, so if changing
the permissions (which you should *never* do) has an effect, you must be doing something
very strange, like trying to start the database server with the wrong user.
Yours,
Laurenz Albe
--
Cybertec | https://www.cybertec-postgresql.com