Re: Seeking the correct term of art for the (unique) role that is usually called "postgres"—and the mental model that underlies it all

On Thu, Oct 27, 2022 at 3:24 PM Bryn Llewellyn <bryn(at)yugabyte(dot)com> wrote:

> *«*
> *You can start a session without specifying the name of the cluster role
> as which to authorize, its password, and the name of the database to which
> to connect, ONLY when these things are true:*
>
>
>
> *1. The within-cluster catalog-owning role has a certain name, say
> "pg_system" (or "bob").2. The O/S user that owns (most of) the O/S
> presence of the cluster and the software that accesses it has the identical
> name "pg_system"** (or "bob")**.*
>
> *3. The current O/S user when you make the attempt to connect is
> "pg_system"** (or "bob")**.*
> *»*
>
> I want to know if my hypothesis is correct.
>

It is not. "By default" probably, but not "only".

Peer authentication means:

If the local O/S user (bob) running "psql" requests to login to the
database using that same* role name (bob) and the role exists in the
cluster, accept the authentication attempt.

* You can implement aliases by using an identity mapping.

Nothing more, nothing less.

> And, more importantly, I want to know where I can read a nicely written
> linear account of what *is* correct tha defines and then uses the official
> terms of art.
>

It doesn't exist, deal with it. Most people just call the "bootstrap" role
"postgres" when not talking about a specific installed cluster that happens
to use something different. In any case, no matter what terminology is
used everyone seems to figure out what is being referred to from context at
least and largely don't make a big deal about it. Unless you actually want
to write the documentation just pick something you like and go with it.