Обсуждение: Installing Postgres without the postgres user and group on Linux?
Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user and group? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would rather create machine specific accounts (like one does for Windows with SQL Server).
I always thought that if the postgres user and group were not there upon install (which is done as root), that the installation process would create them for you, am I missing something?
Thanks for any input that will provide me with ample ammunition to thwart this silly idea.
Joe Plugge
> Is it possible to install and then subsequently run the postgres engine on > Linux without creating the postgres user and group? We have some folks > implementing LDAP that are resistant to creating a postgres account and > group and would rather create machine specific accounts (like one does for > Windows with SQL Server). > > I always thought that if the postgres user and group were not there upon > install (which is done as root), that the installation process would create > them for you, am I missing something? > > Thanks for any input that will provide me with ample ammunition to thwart > this silly idea. > > Joe Plugge Is there any problem with configuring postgres user and group in /etc/passwd and /etc/group respectively? You can configure PAM to accept user authentication from multiple sources. See e. g. http://ldots.org/ldap/ -- Zdeněk Bělehrádek
"Plugge, Joe R." <JRPlugge@west.com> writes:
> Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user
andgroup? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would
rathercreate machine specific accounts (like one does for Windows with SQL Server).
The server source code has no particular allegiance to any OS username.
You can run it under whatever account you want.
> I always thought that if the postgres user and group were not there upon install (which is done as root), that the
installationprocess would create them for you, am I missing something?
Particular packagings of Postgres might act like that --- for instance,
the Fedora/Red Hat RPMs would try to create such a user&group. But you
did not say whose packaging you were thinking of using. In any case
you could run the executables under some other user ID if you then
adjusted file ownerships and startup scripts appropriately.
regards, tom lane
Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the local
userand group named postgres and chown the config and data dirs to that ....
PGDATA=/var/postgresql/log/data
-rw------- 1 postgres postgres 4 Jan 7 15:18 PG_VERSION
drwx------ 2 postgres postgres 4096 Jan 7 15:18 pg_twophase
drwx------ 4 postgres postgres 4096 Jan 7 15:18 pg_multixact
-rw------- 1 postgres postgres 1631 Jan 7 15:18 pg_ident.conf
-rw------- 1 postgres postgres 16908 Jan 7 15:18 orig_postgresql.conf
-rw------- 1 postgres postgres 3652 Jan 7 15:18 orig_pg_hba.conf
-rw------- 1 postgres postgres 17929 Jan 7 15:21 postgresql.conf
-rw------- 1 postgres postgres 4160 Jan 7 15:21 pg_hba.conf
drwx------ 6 postgres postgres 4096 Jan 11 17:19 base
-rw------- 1 postgres postgres 37 Jan 16 12:16 postmaster.opts
drwx------ 2 postgres postgres 4096 Jan 17 11:37 pg_clog
drwx------ 2 postgres postgres 4096 Jan 17 11:46 pg_subtrans
drwx------ 3 postgres postgres 4096 Jan 17 11:47 pg_xlog
drwx------ 2 postgres postgres 4096 Jan 17 11:47 pg_tblspc
drwx------ 2 postgres postgres 4096 Jan 18 10:51 pg_stat_tmp
drwx------ 2 postgres postgres 4096 Jan 18 10:51 global
-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Wednesday, January 23, 2013 10:29 AM
To: Plugge, Joe R.
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] Installing Postgres without the postgres user and group on Linux?
"Plugge, Joe R." <JRPlugge@west.com> writes:
> Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user
andgroup? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would
rathercreate machine specific accounts (like one does for Windows with SQL Server).
The server source code has no particular allegiance to any OS username.
You can run it under whatever account you want.
> I always thought that if the postgres user and group were not there upon install (which is done as root), that the
installationprocess would create them for you, am I missing something?
Particular packagings of Postgres might act like that --- for instance, the Fedora/Red Hat RPMs would try to create
sucha user&group. But you did not say whose packaging you were thinking of using. In any case you could run the
executablesunder some other user ID if you then adjusted file ownerships and startup scripts appropriately.
regards, tom lane
"Plugge, Joe R." <JRPlugge@west.com> writes:
> Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the
localuser and group named postgres and chown the config and data dirs to that ....
The unmodified Postgres sources will certainly do no such thing.
regards, tom lane
You are correct, it is because I ran initdb as user postgres .... I am following you now .. .thanks for the
clarification.
-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Wednesday, January 23, 2013 11:04 AM
To: Plugge, Joe R.
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] Installing Postgres without the postgres user and group on Linux?
"Plugge, Joe R." <JRPlugge@west.com> writes:
> Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the
localuser and group named postgres and chown the config and data dirs to that ....
The unmodified Postgres sources will certainly do no such thing.
regards, tom lane