This topic describes the rationale behind specific sudo privilege requirements for virtualizing PostgreSQL Databases.
The sudo configuration exists as /etc/sudoers file.
Below is the example of sudo configuration file contents as mentioned above for Postgres environment.
$ vi /etc/sudoers
postgres ALL=NOPASSWD: /bin/mount,/bin/umount,/bin/mkdir,/bin/rmdir
Delphix dynamically creates and removes directories under the provisioning directory during VDB operations.
Delphix dynamically mounts and unmounts directories under the provisioning directory during VDB operations. This privilege is required because mount and unmount are typically reserved for superuser.
It is required to specify the NOPASSWD qualifier within the "sudo" configuration file, as shown here: Sudo File Configuration Examples for PostgreSQL Environments. This ensures that the "sudo" command does not demand the entry of a password, even for the "display permissions" (i.e. "sudo -l") command.
AppData mount options
Depending on the NFS version used options vers=3 or vers=4.x is added (x varies depending on what that platform supports. e.g. vers=4 or vers=4.1)
(For some flavors of Linux and NFSv4.1, additional optional 'v4.1' is added)
"-f" is used for all platforms. For Linux, "-lf" is used.
Mount and unmount options subject to change
Please note that the mount and unmount options listed above are subject to change. For example, if Delphix finds that a certain option improves performance, Delphix may add, remove or change options at anytime. Therefore, it is highly recommended to create the sudo profiles using wildcards that allow any number of options.