Ansible AWX install: cannot create directory '/var/lib/pgsql/data/userdata': Permission denied

Ansible AWX Install: Fix 'Cannot Create Directory /var/lib/pgsql/data/userdata: Permission Denied'

Ansible AWX is a popular open-source web-based application that provides a user interface, REST API, and task engine for Ansible automation. However, while installing Ansible AWX, many users encounter the error "cannot create directory '/var/lib/pgsql/data/userdata': Permission denied". This article will explain why this error occurs and provide a step-by-step solution to fix it.

Understanding the Error

When installing AWX with PostgreSQL as the database, the installer often requires specific permissions to create necessary directories. The error "cannot create directory '/var/lib/pgsql/data/userdata': Permission denied" usually means the installer or the PostgreSQL service account doesn’t have adequate permissions to create or access the required directories in /var/lib/pgsql.

This issue can be due to various reasons:

• Improper file system permissions
• Incorrect ownership of the /var/lib/pgsql directory
• SELinux policies restricting access

Solution: Granting Required Permissions

To resolve this issue, we will check and adjust the necessary file permissions, verify SELinux configurations, and ensure PostgreSQL service account ownership.

Step 1: Check PostgreSQL Service User

First, identify the service user account used by PostgreSQL. Generally, it’s postgres, but you can verify by running:

ps aux | grep postgres

Once identified, ensure that this user has appropriate permissions to create directories within /var/lib/pgsql.

Step 2: Set Directory Permissions

Run the following commands to set the necessary ownership and permissions:

sudo chown -R postgres:postgres /var/lib/pgsql/data
sudo chmod -R 700 /var/lib/pgsql/data

This ensures the PostgreSQL user owns the directory and has sufficient permissions.

Step 3: Verify SELinux Status

If SELinux is enabled, it might block directory creation. You can check SELinux status with:

getenforce

If it's set to Enforcing, try temporarily disabling it for testing:

sudo setenforce 0

Then attempt to reinstall AWX. If this resolves the issue, consider creating specific SELinux policies to allow PostgreSQL access to /var/lib/pgsql/data while keeping SELinux enabled.

Step 4: Restart Services

After making permission and SELinux adjustments, restart PostgreSQL and AWX services:

sudo systemctl restart postgresql
sudo systemctl restart awx

This ensures all changes take effect, potentially resolving the issue.

Additional Tips for Ansible AWX Installation

During Ansible AWX installation, it’s crucial to double-check all dependencies, such as Docker or Podman, as well as Kubernetes configurations if AWX is deployed on Kubernetes.

1. Validate PostgreSQL Configuration

Ensure the postgresql.conf and pg_hba.conf files are correctly set up, as misconfigurations can cause connectivity and permission errors. Check PostgreSQL configurations by running:

sudo nano /var/lib/pgsql/data/postgresql.conf

Ensure listen_addresses is set to '*' and max_connections is adjusted for your AWX setup.

2. Proper Docker Configuration

If you’re using Docker to deploy AWX, verify that Docker has the necessary permissions and storage settings. Run:

sudo systemctl status docker

Ensure that Docker is running and has adequate resources for AWX deployment.

3. Using AWX Operator for Simplified Installation

The AWX Operator is a Kubernetes-based method for deploying AWX, which might simplify configuration issues. For users with Kubernetes experience, deploying AWX using the AWX Operator can avoid several common issues, including directory permission errors.

To install AWX via the AWX Operator, follow these steps:

1. Install Kubernetes or Minikube (for local testing).
2. Run kubectl apply -f https://raw.githubusercontent.com/ansible/awx-operator/HEAD/deploy/awx-operator.yaml.
3. Configure your AWX instance using a Kubernetes manifest.

Conclusion

Following these steps should help you resolve the "cannot create directory '/var/lib/pgsql/data/userdata': Permission denied" error during Ansible AWX installation. By setting correct permissions, configuring SELinux policies, and verifying PostgreSQL settings, you can ensure a smooth installation.

For further support, consult the Ansible AWX GitHub repository or the official Ansible documentation.