Deployment of PostgreSQL configuration for mailManagement permissions have an issue:
SELECT,INSERT,UPDATE,DELETE provided for object schema
The current privileges config when running this command was:
pillar/dbserver/cluster-A.sls
mailManagement:
[…]
privileges:
- database: mail
scope: schema
privileges:
- SELECT
- INSERT
- UPDATE
- DELETE
tables:
- ALLScope need to be changed to "tables", or the privileges can be simplified like this:
privileges:
- database: mail
scope: schema
privileges:
- ALLSalt stacktrace:
Complector
$ salt db-A-001 state.apply roles/dbserver-pgsql/server […] ---------- ID: dbserver_pgsql_user_mailManagement_privilege_1_public Function: postgres_privileges.present Name: mailManagement Result: False Comment: An exception occurred in this state: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/salt/state.py", line 2423, in call ret = self.states[cdata["full"]]( File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 159, in __call__ ret = self.loader.run(run_func, *args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 1245, in run return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 1260, in _run_as return _func_or_method(*args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 1293, in wrapper return f(*args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/states/postgres_privileges.py", line 184, in present if not __salt__["postgres.has_privileges"]( File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 159, in __call__ ret = self.loader.run(run_func, *args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 1245, in run return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/loader/lazy.py", line 1260, in _run_as return _func_or_method(*args, **kwargs) File "/usr/local/lib/python3.9/site-packages/salt/modules/postgres.py", line 3263, in has_privileges _validate_privileges(object_type, _privs, privileges) File "/usr/local/lib/python3.9/site-packages/salt/modules/postgres.py", line 3033, in _validate_privileges raise SaltInvocationError( salt.exceptions.SaltInvocationError: Invalid privilege(s): SELECT,INSERT,UPDATE,DELETE provided for object schema Started: 22:13:57.100751 Duration: 43.569 ms Changes: […]