Skip site navigation (1) Skip section navigation (2)

Re: apt installation postgresql 8.3

From: Walter Hurry <walterhurry(at)lavabit(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: apt installation postgresql 8.3
Date: 2012-01-17 21:56:30
Message-ID: jf4qqe$9jb$1@dough.gmane.org (view raw or flat)
Thread:
Lists: pgsql-admin
On Mon, 16 Jan 2012 23:24:41 +0300, David M. Gullever wrote:

> Question - user postgres
> 
> If the admin is creating various "postgresql" users to work on different
> databases - is it advisable to create these as "LINUX" users so that
> they have a home directory for saving their scripts - and while we are
> about it -
> where would experienced postgresql admins (as user postgres - no home
> directory, although the set command reveals HOME=/var/lib/postgresql
> ???) save their scripts - and just one more thing... this is the second
> time that I have installed postgresql 8.3 - the first time I had lots of
> trouble just logging user postgres on to the database engine, and
> finally solved the problem with a PATH entry into /etc/profile. This
> time I just do su postgres and follow with psql (from any directory) and
> Bobs yrrr uncle - I'm in - but I cannot find a "PATH" entry for
> postmaster, so how does this work - thanks dragonfish ???
> 
> Ps - since it is not possible to logon to the system as user postgres -
> is it generally recommended that user postgres be given a password
> immediately after installation - I would think yes ??? That's a silly
> question - I take it back !!!

You are going about this entirely the wrong way, and would be well advised
to have a serious rethink about what it is you are trying to achieve.

User postgres does *not* need to log in to Unix/Linux directly, and
therefore should *not* be assigned a password.

For occasional tasks like editing postgresql.conf or pg_hba.conf, it may
be convenient to su to the postgres account rather than doing it as root.
It may of course be used to stop/start PostgreSQL if root doesn't do it;
Use cases will vary.

You should be looking to minimise use of the postgres account, rather than
the opposite. Have people do things (whether PostgreSQL superusers or not)
under their own Unix/Linux accounts:

---------------------------------------------
$ sudo su - postgres
-bash-4.2$ whoami
postgres
-bash-4.2$ psql misc
psql :FATAL:  no pg_hba.conf entry for host "[local]", user "postgres", 
database "misc", SSL off
-bash-4.2$ logout
$ whoami
walterh
$ psql misc
psql (9.1.2)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Type "help" for help.

misc=# \q
$ createuser anotherdba
Shall the new role be a superuser? (y/n) ^C
$
---------------------------------------------


In response to

Responses

pgsql-admin by date

Next:From: Kevin GrittnerDate: 2012-01-17 23:09:11
Subject: Re: apt installation postgresql 8.3
Previous:From: David SchnurDate: 2012-01-17 21:46:50
Subject: Re: Repeatable crash in pg_dump (with -d2 info)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group