Re: Postgres superuser & password on Red Hat; upgrade?

Laurel Williams wrote:
>I completely forgot to say that I'd tried passwd, too. But I can't do it
>as Postgres, because I don't know the original password. And if I log in

There probably isn't an original password. Typically, the user will be
created with a * in the password field (in /etc/shadow). This means it
is impossible to log in directly as that user; you have to go through su.

>as root and say "passwd postgres", it has the exact same bug as with
>Linuxconf/Userconf. I enter the new password once, then the second time,
>hit enter, and it just hangs. After a few moments it says
>"Passwd: Critical error - immediate abort" and goes back to the root
>prompt.

That seems to indicate a very horrid bug in your operating system. Check
the contents of /etc/passwd and /etc/shadow, to see that no-one has
corrupted them by trying hand-editing - every line should have the same
structure (see `man 5 passwd'). If you're using traditional crypt passwords,
the password field should be 13 characters long. If there's no apparent
problem there, ask for help on your distribution mailing lists.

Another thing: does this happen for any other user?

>And, when I look in shadow.... unlike 'nobody' et al., Postgres doesn't
>have the * --it has a long string of gibberish, indicating that it
>*does* have a password. And my brother, who installed Red Hat with the
>Postgres RPM in the first place and is very familiar with Linux (this is
>a very small business, a family thing) insists that at no time did he
>get prompted to enter a password for it.

If it's distributed with a password set, it sounds like poor practice to
me. Perhaps passwd has got as far as altering /etc/shadow?

Check there is an x in the password field of /etc/passwd. Then try
editing the password string back to a * and try passwd again to set
a password.

>So, here is postgres, having some (it appears) random? password, but I
>can't change the password, because it hangs/crashes every time, no
>matter the method.
>
>But it sounds like people are saying that that's not a problem, really,
>because it's all right to log into Postgres from root and that does not
>(contrary to my random newbie ideas) make me root.. And anyway, if it
>really concerned me, I could just log in to PostgreSQL as Postgres and
>create a new superuser (one with createuser privs), and use the new
>superuser in place of Postgres, if I wished.
>
>Also, one person has suggested I delete and re-create Postgres, which I
>will be trying in a little bit.

That probably would not remove the postgres user from Linux (I would be
very unhappy if distribution scripts messed with /etc/passwd!)

--
Oliver Elphick Oliver(dot)Elphick(at)lfix(dot)co(dot)uk
Isle of Wight http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"For the eyes of the LORD run to and fro throughout the
whole earth, to show himself strong in the behalf of
them whose heart is perfect toward him..."
II Chronicles 16:9