initdb: error: could not change permissions of directory "/var/lib/postgresql/data/pgdata": Operation not permitted

[shazolKh]

ERROR

Getting the following error while trying to running the postgres:13 image on Kubernetes using StatefulSet:

chmod: changing permissions of '/var/lib/postgresql/data/pgdata': Operation not permitted
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
Data page checksums are disabled.
initdb: error: could not change permissions of directory "/var/lib/postgresql/data/pgdata": Operation not permitted
fixing permissions on existing directory /var/lib/postgresql/data/pgdata ...

And in my k8s-manifest file, I used the mountPath as /var/lib/postgresql/data. And the variable PGDATA as /var/lib/postgresql/data/pgdata as stated in https://hub.docker.com/_/postgres:

This optional variable can be used to define another location - like a subdirectory - for the database files. The default is /var/lib/postgresql/data. If the data volume you're using is a filesystem mountpoint (like with GCE persistent disks) or remote folder that cannot be chowned to the postgres user (like some NFS mounts), Postgres initdb recommends a subdirectory be created to contain the data.

For example:

$ docker run -d \ --name some-postgres \ -e POSTGRES_PASSWORD=mysecretpassword \ -e PGDATA=/var/lib/postgresql/data/pgdata \ -v /custom/mount:/var/lib/postgresql/data \ postgres

---

SOLUTION

I tried various methods to solve this problem but nothing worked out. After a while, I found out in the Dockerfile of Postgres, at line 27 and line 185, they used the values /var/lib/postgresql and PGDATA: /var/lib/postgresql/data. So, I changed the values accordingly on my k8s manifest file.

AND THIS SOLVED MY ISSUES.

[tianon]

I'm sorry, but I'm not sure I understand what you're trying to suggest we should do here? From what I can tell, you had a problem with your deployment and you resolved it successfully, and I'm confused why that warranted opening an issue to tell us about it. :sweat_smile: :bow:

[shazolKh]

I'm sorry, but I'm not sure I understand what you're trying to suggest we should do here? From what I can tell, you had a problem with your deployment and you resolved it successfully, and I'm confused why that warranted opening an issue to tell us about it. 😅 🙇

The point is, the doc on docker hub should be updated (obviously after tests). & I'm sorry for the confusion but I think, people can be benefited from this issue. 🙄🥱

[yosifkit]

The docs are written for the average Docker use case, so the defined VOLUME /var/lib/postgresql/data would prevent them from successfully using a mount target on /var/lib/postgresql/ since it would only contain a single directory (data) that would be mounted elsewhere because of the automatic anonymous volume. So, if they do need their data to not be at the root of the respective volume, then it only works for them if they chose a PGDATA directory deeper (or outside of) the default volume location.

I don't know the particulars of your setup or exactly why it was failing. I would guess it was permissions based as it seemed like your setup would not allow chown, but it would accept a directory already populated (from the image) with the correct permissions into the volume claim.

[edmiachkov]

It was helpful for my custom Helm Chart. Thank you @shazolKh !