Broken "not_if" in "assign-postgres-password" in "recipes/server.rb" in "opscode-cookbooks/postgresql"


I’ve put a detailed explanation of the problem and my proposed fix at

I have already implemented my proposed fix in my forked cookbook. Just getting this out there to seek comments before I submit a pull request.

In short, It’s merely a coincidence that “assign-postgres-password” has been succeeding. Every recipe[postgresql::server] run resets the password, regardless of whether or what password is currently set.

The coincidence is a counter-intuitive effect of the following pg_hba.conf authorization rules generated by a couple of attributes/default.rb settings:


local all postgres ident
host all all md5

My proposal involves making the first of those authorizations permanently hard-coded in the pg_hba.conf.erb template.

David Crane