Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Behaviour change between 9.5.20 and 9.5.21? #681

Closed
vpzomtrrfrt opened this issue Feb 14, 2020 · 48 comments
Closed

Behaviour change between 9.5.20 and 9.5.21? #681

vpzomtrrfrt opened this issue Feb 14, 2020 · 48 comments

Comments

@vpzomtrrfrt
Copy link

vpzomtrrfrt commented Feb 14, 2020

When running docker run --rm postgres:9.5.20-alpine, the database successfully starts up, but with docker run --rm postgres:9.5.21-alpine, I get this output instead:

Error: Database is uninitialized and superuser password is not specified.
       You must specify POSTGRES_PASSWORD for the superuser. Use
       "-e POSTGRES_PASSWORD=password" to set it in "docker run".

       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
       without a password. This is *not* recommended. See PostgreSQL
       documentation about "trust":
       https://www.postgresql.org/docs/current/auth-trust.html

Is this an expected change?

@vpzomtrrfrt
Copy link
Author

Based on 42ce743 it seems like it's intentional, but I find it odd to change something like that on a minor release

@aengelberg
Copy link

I just observed the same issue when bumping 9.6.16 => 9.6.17.

@vpzomtrrfrt
Copy link
Author

See also #658, the PR that seems to have introduced this

@yosifkit
Copy link
Member

We were convinced to make it more secure by default and were aware that this would break some users. Apologies for breaking changes. 🙇‍♂️ We felt that the increased security out-weighed the breakage. See #658 and #580.

If you know that you want to be insecure (i.e. any one can connect without a password from anywhere), then POSTGRES_HOST_AUTH_METHOD=trust is how you opt in to that.

We really recommend setting a password and it was really a bad decision by me in the beginning to continue to allow running the database without a password (#31 (comment) & #36)

@bxparks
Copy link

bxparks commented Feb 15, 2020

I wish a breaking change was not pushed out on a Friday. This broke our CI/CD pipeline, which I had to fix on a Saturday.

jalessio added a commit to jalessio/openstreetmap-website that referenced this issue Feb 16, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
@CloudArchipelago
Copy link

Where in a CI/CD pipeline does one place those lines -e POSTGRES_PASSWORD=password or POSTGRES_HOST_AUTH_METHOD=trust ?

@chickahoona
Copy link

As always emotions fly high when a breaking change is introduced, causing work for others ;)

I appreciate the effort that you put into maintaining this image!

Maybe one can put the fix to add "POSTGRES_HOST_AUTH_METHOD=trust" somewhere more prominent. I get it that its part of the docker output when you start the image, yet sadly not if you start it with "-d". Then you are just wondering why the next docker command complains that the database is not up ;)

@bxparks
Copy link

bxparks commented Feb 16, 2020

@CloudArchipelago: It depends on what pipeline you are using. The two that I'm familiar with is GitHub and BitBucket:

(Of course, these articles and examples will need to be updated, since they no longer work as shown.)

I don't understand exactly how these pipelines actually configure and start the Postgres service in docker. So I don't know where the -e POSTGRES_PASSWORD=password would go.

And to be honest, I don't fully understand exactly what POSTGRES_HOST_AUTH_METHOD=trust does either since it's the first time I'm seeing it. I can probably figure it out in a few hours, but y'know, it's the long weekend. I got family to take care of, out of town guests visiting, housework to do, shopping to do, don't got time to spend on this...

@ManfredLange
Copy link

Was or is there consideration to switch to something like semantic versioning? If that was the case then this change, given it's intentional and a breaking changes, would cause a major revision change and everyone could deal with it accordingly. If such a change comes through not as a major, not even as a minor but merely as a patch release (z in x.y.z), then it is highly surprising and that is what trips up processes. Just putting it out there for consideration.

@kennethteh90
Copy link

Tried @bxparks proposed workaround for our CircleCI build (we use Github) and it worked. Simply add POSTGRES_HOST_AUTH_METHOD: trust.

- image: circleci/postgres:9.6-postgis-ram
       environment:
          POSTGRES_USER: 'username'
          POSTGRES_HOST_AUTH_METHOD: trust

@Nadock
Copy link

Nadock commented Feb 17, 2020

We were just burnt by this change and would give a big +1 to adopting semver to help mitigate this in the future.

However, I'm not posting just to pile on about semver, I have one other thing I'd like to point out. When our CI pipelines starting running with this newer container image (without POSTGRES_HOST_AUTH_METHOD or POSTGRES_PASSWORD) set the postgres container looked like it was coming up and staying up correctly. Because it wasn't clear the postgres container was the issue we spent a lot of time and effort looking in the wrong place.

In future, if a change is made where the database effectively doesn't work, the container should not just sit there happily doing nothing when it's actually broken. Had the postgres container been more noticeably broken we could have saved most of the time and effort we spent looking in the wrong place for the cause of the issue.

As a slight aside, is there an official we can monitor to know about future significant or breaking changes to this container in future?

@scaytrase
Copy link

Same here, broken our CI and local development

nijel added a commit to WeblateOrg/weblate that referenced this issue Feb 17, 2020
It now requires password, otherwise it fails to start.

See docker-library/postgres#681
nijel added a commit to WeblateOrg/weblate that referenced this issue Feb 17, 2020
It now requires password, otherwise it fails to start.

See docker-library/postgres#681
reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This change sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
@Wapiti08
Copy link

Just change the PostgreSQL image to a more specific version, not the latest. E.g. changing to 9.5.18 fixed the problem for me

reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This change sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This change sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This change sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
reupen added a commit to uktrade/data-hub-api that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set. This change sets a password in the CircleCI build to meet that requirement.

See docker-library/postgres#681 for more information.
pezholio added a commit to DFE-Digital/claim-additional-payments-for-teaching that referenced this issue Feb 17, 2020
The `postgres` Docker image now requires a password to be set, so this sets
a `POSTGRES_PASSWORD` env variable in the `db` container, and a
corresponding
`DFE_TEACHERS_PAYMENT_SERVICE_DATABASE_PASSWORD` var in the
`test` container.

More info here docker-library/postgres#681
fho added a commit to simplesurance/baur-example that referenced this issue Feb 17, 2020
The postgres docker image does not allow passwordless admin user by default:
docker-library/postgres#681

auth_method=trust needs to be set to allow having no password for the postgres
user
kfrajer added a commit to kfrajer/orchestrating-docker that referenced this issue Jul 27, 2020
* The propose solution is a workaround to breaking change reported docker-library/postgres (docker-library/postgres#681)
* This change assumes the environment is safe as it allows anybody to connect to the database
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Jul 27, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
gtbcoding pushed a commit to gtbcoding/pycon.tw that referenced this issue Jul 27, 2020
Behaviour change in docker-library/postgres newest version.
See [docker-library/postgres issue(pycontw#681)](docker-library/postgres#681)
tstyle11 added a commit to HydroProtocol/hydro-scaffold-dex that referenced this issue Aug 7, 2020
The db container is unable to start due to a breaking behavior change in
docker-librar/postgres:
docker-library/postgres#681

This is the easy fix for localhost development, however documentation should be updated to advise
users on how to configure production environments securely.
tstyle11 pushed a commit to HydroProtocol/hydro-scaffold-dex that referenced this issue Aug 11, 2020
Earlier this year docker-library/postgres introduced a breaking change:
docker-library/postgres#681

adding POSTGRES_HOST_AUTH_METHOD=trust for now to allow demo to start
running. In the long run, we should add production messages for how to
configure passwords and secrets more properly for security.
siegfault added a commit to siegfault/expiration that referenced this issue Aug 18, 2020
siegfault added a commit to siegfault/expiration that referenced this issue Aug 18, 2020
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Nov 13, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Dec 6, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Dec 6, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Dec 6, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to jalessio/openstreetmap-website that referenced this issue Dec 12, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to migurski/openstreetmap-website that referenced this issue Dec 20, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to migurski/openstreetmap-website that referenced this issue Dec 20, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to migurski/openstreetmap-website that referenced this issue Dec 30, 2020
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
migurski pushed a commit to migurski/openstreetmap-website that referenced this issue Jan 2, 2021
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
fiendish added a commit to kids-first/kf-api-dataservice that referenced this issue Jan 19, 2021
Postgres added a password requirement in a bug fix update. See docker-library/postgres#681
Also running migrate before upgrade fails for me.
fiendish added a commit to kids-first/kf-api-dataservice that referenced this issue Jan 19, 2021
Postgres added a password requirement in a bug fix update. See docker-library/postgres#681
migurski pushed a commit to migurski/openstreetmap-website that referenced this issue Jan 28, 2021
Fails with:
db_1   | Error: Database is uninitialized and superuser password is not specified.
db_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
db_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
db_1   |
db_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
db_1   |        without a password. This is *not* recommended. See PostgreSQL
db_1   |        documentation about "trust":
db_1   |        https://www.postgresql.org/docs/current/auth-trust.html

Appears to be related to
docker-library/postgres#681
@amotalles
Copy link

I solved my issue using below:
- POSTGRES_HOST_AUTH_METHOD=md5
- POSTGRES_INITDB_ARGS=--auth-host=md5

@tianon tianon closed this as completed Jun 8, 2022
heavenstar0531 added a commit to heavenstar0531/django-logpipe that referenced this issue Feb 13, 2023
heavenstar0531 added a commit to heavenstar0531/django-logpipe that referenced this issue Feb 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests