Re: authentication/privileges

On 2013-05-10, Alvaro Herrera <alvherre@2ndquadrant.com> wrote:
> Tom Lane escribió:
>
>> It's fairly common for distro-supplied packages to create a postgres
>> OS user but not assign it any password.  In that state, the only way to
>> become postgres is to "su" to it from root, or perhaps from a sudoer
>> account with root-equivalent privileges.  While that might be okay
>> for machines with just one person administering everything, I can't
>> say that I think it's recommendable practice in general: you don't
>> want to have to give somebody root to let them admin the database.
>> Better to give the postgres user a password.
>
> Of course, it's also possible to give multiple people sudo-to-postgres
> capability without giving them sudo-to-root.

Or to grant "superuser" to other database user accounts, and leave
the postgres user for internal use.

--
⚂⚃ 100% natural