Обсуждение: How do the Linux distributions create the Linux user/group "postgres"?
Hello,
Please note: I'm talking about the user and group "postgres" in the
Linux OS and not in the PostgreSQL server.
We're compiling PostgreSQL from source (actually 14.1) and distribute that
to our customers. They're asked to setup user and group "postgres"
before creating the cluster. As nowadays there are a lot of setup such
things in bigger installations, like LDAP or AD, etc. I'd like to know
how other installations for Linux deal with this?
Thanks
matthias
--
Matthias Apitz, ✉ guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
On 2023-01-09 07:41, Matthias Apitz wrote: > Hello, > > Please note: I'm talking about the user and group "postgres" in the > Linux OS and not in the PostgreSQL server. > > We're compiling PostgreSQL from source (actually 14.1) and distribute that > to our customers. They're asked to setup user and group "postgres" > before creating the cluster. As nowadays there are a lot of setup such > things in bigger installations, like LDAP or AD, etc. I'd like to know > how other installations for Linux deal with this? Hi Matthias, Users are generally created by the pre-install or post-install scripts of the package. The specific ways in which they are created may depend on the packaging tool being used and packager that built the distribution package. Regards, -- Thomas
On 1/9/23 07:41, Matthias Apitz wrote: > Please note: I'm talking about the user and group "postgres" in the > Linux OS and not in the PostgreSQL server. > > We're compiling PostgreSQL from source (actually 14.1) and distribute that > to our customers. They're asked to setup user and group "postgres" > before creating the cluster. As nowadays there are a lot of setup such > things in bigger installations, like LDAP or AD, etc. I'd like to know > how other installations for Linux deal with this? See for example the PGDG RPM spec file: https://git.postgresql.org/gitweb/?p=pgrpms.git;a=blob;f=rpm/redhat/main/non-common/postgresql-15/main/postgresql-15.spec;h=60cd42147a7563ba76c401643d0a7c79b59d2520;hb=HEAD 8<------------------- %pre server groupadd -g 26 -o -r postgres >/dev/null 2>&1 || : useradd -M -g postgres -o -r -d /var/lib/pgsql -s /bin/bash \ -c "PostgreSQL Server" -u 26 postgres >/dev/null 2>&1 || : 8<------------------- HTH, -- Joe Conway PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com
> On 09/01/2023 13:41 CET Matthias Apitz <guru@unixarea.de> wrote: > > Hello, > > Please note: I'm talking about the user and group "postgres" in the > Linux OS and not in the PostgreSQL server. > > We're compiling PostgreSQL from source (actually 14.1) and distribute that > to our customers. They're asked to setup user and group "postgres" > before creating the cluster. As nowadays there are a lot of setup such > things in bigger installations, like LDAP or AD, etc. I'd like to know > how other installations for Linux deal with this? Arch Linux uses sysusers.d[1] to create user postgres[2][3]. [1] https://man.archlinux.org/man/sysusers.d.5 [2] https://github.com/archlinux/svntogit-packages/blob/packages/postgresql/trunk/PKGBUILD#L204 [3] https://github.com/archlinux/svntogit-packages/blob/packages/postgresql/trunk/postgresql.sysusers -- Erik
El día Montag, Januar 09, 2023 a las 08:15:33 -0500, Joe Conway escribió: > On 1/9/23 07:41, Matthias Apitz wrote: > > Please note: I'm talking about the user and group "postgres" in the > > Linux OS and not in the PostgreSQL server. > > > > We're compiling PostgreSQL from source (actually 14.1) and distribute that > > to our customers. They're asked to setup user and group "postgres" > > before creating the cluster. As nowadays there are a lot of setup such > > things in bigger installations, like LDAP or AD, etc. I'd like to know > > how other installations for Linux deal with this? > > See for example the PGDG RPM spec file: > > https://git.postgresql.org/gitweb/?p=pgrpms.git;a=blob;f=rpm/redhat/main/non-common/postgresql-15/main/postgresql-15.spec;h=60cd42147a7563ba76c401643d0a7c79b59d2520;hb=HEAD > > 8<------------------- > %pre server > groupadd -g 26 -o -r postgres >/dev/null 2>&1 || : > useradd -M -g postgres -o -r -d /var/lib/pgsql -s /bin/bash \ > -c "PostgreSQL Server" -u 26 postgres >/dev/null 2>&1 || : > 8<------------------- From the useradd(8) man page: CAVEATS You may not add a user to a NIS or LDAP group. This must be performed on the corresponding server. Similarly, if the username already exists in an external user database such as NIS or LDAP, useradd will deny the user account creation request. -- Matthias Apitz, ✉ guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub
On 1/9/23 07:15, Joe Conway wrote: > On 1/9/23 07:41, Matthias Apitz wrote: >> Please note: I'm talking about the user and group "postgres" in the >> Linux OS and not in the PostgreSQL server. >> >> We're compiling PostgreSQL from source (actually 14.1) and distribute that >> to our customers. They're asked to setup user and group "postgres" >> before creating the cluster. As nowadays there are a lot of setup such >> things in bigger installations, like LDAP or AD, etc. I'd like to know >> how other installations for Linux deal with this? > > See for example the PGDG RPM spec file: > > https://git.postgresql.org/gitweb/?p=pgrpms.git;a=blob;f=rpm/redhat/main/non-common/postgresql-15/main/postgresql-15.spec;h=60cd42147a7563ba76c401643d0a7c79b59d2520;hb=HEAD > > > 8<------------------- > %pre server > groupadd -g 26 -o -r postgres >/dev/null 2>&1 || : > useradd -M -g postgres -o -r -d /var/lib/pgsql -s /bin/bash \ > -c "PostgreSQL Server" -u 26 postgres >/dev/null 2>&1 || : > 8<------------------- What if (for example in an already-installed package) uid and gid 26 already exist? -- Born in Arizona, moved to Babylonia.
On 1/9/23 09:11, Ron wrote: > On 1/9/23 07:15, Joe Conway wrote: >> On 1/9/23 07:41, Matthias Apitz wrote: >>> Please note: I'm talking about the user and group "postgres" in the >>> Linux OS and not in the PostgreSQL server. >>> >>> We're compiling PostgreSQL from source (actually 14.1) and distribute that >>> to our customers. They're asked to setup user and group "postgres" >>> before creating the cluster. As nowadays there are a lot of setup such >>> things in bigger installations, like LDAP or AD, etc. I'd like to know >>> how other installations for Linux deal with this? >> >> See for example the PGDG RPM spec file: >> >> https://git.postgresql.org/gitweb/?p=pgrpms.git;a=blob;f=rpm/redhat/main/non-common/postgresql-15/main/postgresql-15.spec;h=60cd42147a7563ba76c401643d0a7c79b59d2520;hb=HEAD >> >> >> 8<------------------- >> %pre server >> groupadd -g 26 -o -r postgres >/dev/null 2>&1 || : >> useradd -M -g postgres -o -r -d /var/lib/pgsql -s /bin/bash \ >> -c "PostgreSQL Server" -u 26 postgres >/dev/null 2>&1 || : >> 8<------------------- > > What if (for example in an already-installed package) uid and gid 26 already > exist? The "|| :" at the end of those lines is essentially "or true" -- i.e. if the first command fails *due to preexisting uid/gid, the line still evaluates as successful. Whether that is a good thing or not is in the eye of the beholder I guess. I have thought about, and played with a bit, the idea of making the uid/gid in the community spec file a variable so that it could be passed in at rpmbuild time. But that quickly bloomed into a host of related issues -- e.g. the default "/var/lib/pgsql" for the home dir, the default "postgres" for the user/group names, and/or what to do if the username does not exist but the directory does, etc -- I ran out of energy to chase it all down. -- Joe Conway PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com