barman switch-wal <server> as regular user results in: EXCEPTION: See log file for more details. #319

Closed
epolkerman opened this issue Jan 21, 2021 · 2 comments

@epolkerman

barman 2.12
postgresql 13.1

Following configuration for server:

[ssh-pg-master]
description =  "Master PostgreSQL Database (via ssh)"
ssh_command = ssh postgres@<ip-address>
conninfo = host=<ip-address> user=barman dbname=postgres

backup_method = rsync
backup_options = exclusive_backup
reuse_backup = link
archiver = on

streaming_archiver = on
slot_name = barman

User barman is a regular user with the required set of privileges.

Run following command:
barman --log-level DEBUG switch-wal --force ssh-pg-master
As expected and described in the documentation this will fail because the --force option requires superuser attribute:
ERROR: Barman switch-wal requires superuser rights

Run command without --force:
barman --log-level DEBUG switch-wal ssh-pg-master

It is expected that the command runs correctly, but instead it returns an exception:
EXCEPTION:
See log file for more details.

Checking the postgresql logfile it can be seen that the same wrong query is used to check if user has all needed privileges as described in issue #318

From barman logfile a Python exception can be seen instead of a more user friendly error message.
Proposal:
Catch current exception and give a correct warning message (when conditions aren't met) like:
Privileges for PostgreSQL backup functions are required (see documentation)

barman2.log
postgres2.log

@epolkerman
Author

Also barman replication-status fails with: EXCEPTION: See logfile for more details.

Probably all commands requiring a check on needed privileges will fail using wrong query and poor exception handling

@amenonsen amenonsen added this to the 2.14 milestone Jul 29, 2021
@amenonsen
Contributor

Thanks for the report. Since this is related to #318, I've added it to the next release milestone as well.

amenonsen pushed a commit that referenced this issue Sep 17, 2021
We require two Postgres users, barman (a superuser) and streaming_barman
(a non-superuser with replication privileges). We connect as user barman
to execute queries (e.g., read pg_settings, or run pg_start_backup), and
as streaming_barman to create a replication slot and run pg_receivewal.

In Postgres v10+, the barman user does not need to be a superuser, but
can be a regular user that is granted permissions to read settings and
execute backup functions. Commit #8f5a5af added support for this setup,
but incorrectly introduced "userepl" privileges into the equation.

The barman user does not need the "replication" privilege, which grants
neither EXECUTE permissions on backup functions, nor the ability to read
settings (i.e., doing `createuser --replication barman` would still mean
having to GRANT all required privileges separately).

As reported in #318 and #319, this confusion results in some unfortunate
behaviour (a failing check and an empty exception). We fix both problems
here by removing userepl from the has_backup_privileges query, and also
introducing a better exception message.

Now if the barman user is not a superuser, it must be a member of the
pg_read_all_{stats,settings} roles (or a member of pg_monitor, which
implies both), and it must also have EXECUTE privileges on functions
pg_{start,stop}_backup, pg_create_restore_point, and pg_switch_wal.
The requirements for streaming_barman are unchanged; it must have
replication privileges.

Closes #318
Closes #319
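
The privilege set that the commit message above describes for a non-superuser barman role, written out as an added example (not part of the issue thread or of Barman's code). It assumes a role named `barman` and the PostgreSQL 13 function signatures; the final query is an illustrative check, not Barman's own has_backup_privileges query.

```sql
-- Added example: least-privilege setup for the "barman" role.
-- Assumptions: role name "barman"; function signatures as in PostgreSQL 13
-- (the version in the report). Run the GRANTs as a superuser.

-- Read access to settings and statistics (pg_monitor would imply both).
GRANT pg_read_all_settings TO barman;
GRANT pg_read_all_stats TO barman;

-- EXECUTE on the backup functions named in the commit message.
GRANT EXECUTE ON FUNCTION pg_start_backup(text, boolean, boolean) TO barman;
GRANT EXECUTE ON FUNCTION pg_stop_backup() TO barman;
GRANT EXECUTE ON FUNCTION pg_stop_backup(boolean, boolean) TO barman;
GRANT EXECUTE ON FUNCTION pg_create_restore_point(text) TO barman;
GRANT EXECUTE ON FUNCTION pg_switch_wal() TO barman;

-- Illustrative check of what the role ended up with.
-- rolsuper and rolreplication are listed only to confirm that neither
-- attribute is needed for the barman role once the grants are in place.
SELECT
    r.rolsuper,
    r.rolreplication,
    pg_has_role(r.rolname, 'pg_read_all_settings', 'MEMBER') AS read_settings,
    pg_has_role(r.rolname, 'pg_read_all_stats', 'MEMBER')    AS read_stats,
    has_function_privilege(r.rolname,
        'pg_start_backup(text, boolean, boolean)', 'EXECUTE') AS start_backup,
    has_function_privilege(r.rolname,
        'pg_stop_backup()', 'EXECUTE')                        AS stop_backup_excl,
    has_function_privilege(r.rolname,
        'pg_stop_backup(boolean, boolean)', 'EXECUTE')        AS stop_backup,
    has_function_privilege(r.rolname,
        'pg_create_restore_point(text)', 'EXECUTE')           AS restore_point,
    has_function_privilege(r.rolname,
        'pg_switch_wal()', 'EXECUTE')                         AS switch_wal
FROM pg_roles AS r
WHERE r.rolname = 'barman';
```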