Обсуждение: apt installation postgresql 8.3

Поиск
Список
Период
Сортировка

apt installation postgresql 8.3

От
"David M. Gullever"
Дата:
Question - user postgres


If the admin is creating various "postgresql" users to work on different
databases - is it advisable to create these as "LINUX" users so that they
have a home directory for saving their scripts - and while we are about it -
where would experienced postgresql admins (as user postgres - no home
directory, although the set command reveals HOME=/var/lib/postgresql ???)
save their scripts - and just one more thing... this is the second time that
I have installed postgresql 8.3 - the first time I had lots of trouble just
logging user postgres on to the database engine, and finally solved the
problem with a PATH entry into /etc/profile. This time I just do su postgres
and follow with psql (from any directory) and Bobs yrrr uncle - I'm in - but
I cannot find a "PATH" entry for postmaster, so how does this work - thanks
dragonfish ???

Ps - since it is not possible to logon to the system as user postgres - is
it generally recommended that user postgres be given a password immediately
after installation - I would think yes ??? That's a silly question - I take
it back !!!

-----------------------------------------
Meddle not in the affairs of Dragons
For you are crunchy and good with Mustard
David M. Gullever
david.gullever@web.de
-----------------------------------------


Re: apt installation postgresql 8.3

От
Walter Hurry
Дата:
On Mon, 16 Jan 2012 23:24:41 +0300, David M. Gullever wrote:

> Question - user postgres
>
> If the admin is creating various "postgresql" users to work on different
> databases - is it advisable to create these as "LINUX" users so that
> they have a home directory for saving their scripts - and while we are
> about it -
> where would experienced postgresql admins (as user postgres - no home
> directory, although the set command reveals HOME=/var/lib/postgresql
> ???) save their scripts - and just one more thing... this is the second
> time that I have installed postgresql 8.3 - the first time I had lots of
> trouble just logging user postgres on to the database engine, and
> finally solved the problem with a PATH entry into /etc/profile. This
> time I just do su postgres and follow with psql (from any directory) and
> Bobs yrrr uncle - I'm in - but I cannot find a "PATH" entry for
> postmaster, so how does this work - thanks dragonfish ???
>
> Ps - since it is not possible to logon to the system as user postgres -
> is it generally recommended that user postgres be given a password
> immediately after installation - I would think yes ??? That's a silly
> question - I take it back !!!

You are going about this entirely the wrong way, and would be well advised
to have a serious rethink about what it is you are trying to achieve.

User postgres does *not* need to log in to Unix/Linux directly, and
therefore should *not* be assigned a password.

For occasional tasks like editing postgresql.conf or pg_hba.conf, it may
be convenient to su to the postgres account rather than doing it as root.
It may of course be used to stop/start PostgreSQL if root doesn't do it;
Use cases will vary.

You should be looking to minimise use of the postgres account, rather than
the opposite. Have people do things (whether PostgreSQL superusers or not)
under their own Unix/Linux accounts:

---------------------------------------------
$ sudo su - postgres
-bash-4.2$ whoami
postgres
-bash-4.2$ psql misc
psql :FATAL:  no pg_hba.conf entry for host "[local]", user "postgres",
database "misc", SSL off
-bash-4.2$ logout
$ whoami
walterh
$ psql misc
psql (9.1.2)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Type "help" for help.

misc=# \q
$ createuser anotherdba
Shall the new role be a superuser? (y/n) ^C
$
---------------------------------------------

Re: apt installation postgresql 8.3

От
"Kevin Grittner"
Дата:
Walter Hurry <walterhurry@lavabit.com> wrote:

> User postgres does *not* need to log in to Unix/Linux directly,
> and therefore should *not* be assigned a password.

I totally agree.  In fact, for most use-cases, you don't need or
want the users of the database to be able to log on to the box with
the database.  Let them connect remotely.

-Kevin