Postgresql_query won't run with 'unable to connect to database'

dulhaver · May 12, 2025, 1:34pm

I have this TASK (reloading a postgres database with SQL) that I am sending to a couple of postgres servers.

    - name: reload postgres
      community.postgresql.postgresql_query:
        login_unix_socket: /tmp
        db: postgres
        query: "SELECT pg_reload_conf()"
      become: true
      become_user: postgres

about 40% of them come back with "unable to connect to database: fe_sendauth: no password supplied error.

the postgres user get’s its password locally from a ~/.pgpass file and running that SQL locally works.

Any idea, what the rootcause here might be?

Lyle_McKarns · May 12, 2025, 2:32pm

Just to confirm, ansible is logging in with a user (such as ansible) and then using become to operate as the postgres user?

I can’t jump right to a root cause, but some thoughts

Are the 40% of failing servers always the same ones?
Have you confirmed the existence/permissions of ~/.pgpass on a working/not working system?

dulhaver · May 12, 2025, 5:55pm

yes, precisely

yes, always the same one.

I took one as example.

~/.pgpass works fine locally
even if I set localhost connections to trust in pg_hba.conf on that exact server I get the same "unable to connect to database: fe_sendauth: no password supplied error from ansible

my current workaround is to got through shell and pg_ctl -D $PGDATA reload as the postgres user.

Lyle_McKarns · May 12, 2025, 6:19pm

Two other things I’d check

run the ansible tasks with with -v (anywhere from one to 5 v’s)
check out system logs to see if there’s anything indicating what might be happening.

wayt · May 13, 2025, 1:41am

Any chance these are servers running SELinux and you’re hitting a labeling issue on those hosts?

ads · May 13, 2025, 2:48am

Is the socket directory (/tmp) correct?

Is the database running before you run this command? Try a simple “SELECT 1” and see if that produces the same error.

dulhaver · May 14, 2025, 11:24am

yes the socket /tmp is correct
a SELECT 1 query fails on the same machines with the same error

.. SELinux … you’re hitting a labeling issue on those hosts?

I compared a failing and a working hosts. Context (as per ls -laZ) is identical.

ads · May 14, 2025, 2:27pm

This then is an authentication problem with your database.

Running queries as postgres user should always be allowed in pg_hba.conf.

Topic		Replies	Views
postgresql_user module: fe_sendauth: no password supplied Ansible Project	2	18	December 22, 2014
Login to Postgresql to create a new database Get Help collections , postgresql	6	433	August 21, 2024
postgres_user: crypted password not working Ansible Project ubuntu	5	11	October 27, 2015
Unable to connect to postgres using postgesql_db ansible module Get Help postgresql , ansible	6	491	June 22, 2024
postgresql_user module failed to authenticate as postgres when set ansible_become Ansible Project	3	31	April 1, 2016

Postgresql_query won't run with 'unable to connect to database'

Related topics