Discussion:
Installing Postgres without the postgres user and group on Linux?
(too old to reply)
Plugge, Joe R.
2013-01-23 14:41:48 UTC
Permalink
Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user and group? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would rather create machine specific accounts (like one does for Windows with SQL Server).

I always thought that if the postgres user and group were not there upon install (which is done as root), that the installation process would create them for you, am I missing something?

Thanks for any input that will provide me with ample ammunition to thwart this silly idea.

Joe Plugge
Zdeněk Bělehrádek
2013-01-23 15:44:05 UTC
Permalink
Post by Plugge, Joe R.
Is it possible to install and then subsequently run the postgres engine on
Linux without creating the postgres user and group? We have some folks
implementing LDAP that are resistant to creating a postgres account and
group and would rather create machine specific accounts (like one does for
Windows with SQL Server).
I always thought that if the postgres user and group were not there upon
install (which is done as root), that the installation process would create
them for you, am I missing something?
Thanks for any input that will provide me with ample ammunition to thwart this silly idea.
Joe Plugge
Is there any problem with configuring postgres user and group in /etc/passwd
and /etc/group respectively? You can configure PAM to accept user
authentication from multiple sources. See e. g. http://ldots.org/ldap/

-- Zdeněk Bělehrádek
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Tom Lane
2013-01-23 16:28:36 UTC
Permalink
Post by Plugge, Joe R.
Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user and group? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would rather create machine specific accounts (like one does for Windows with SQL Server).
The server source code has no particular allegiance to any OS username.
You can run it under whatever account you want.
Post by Plugge, Joe R.
I always thought that if the postgres user and group were not there upon install (which is done as root), that the installation process would create them for you, am I missing something?
Particular packagings of Postgres might act like that --- for instance,
the Fedora/Red Hat RPMs would try to create such a user&group. But you
did not say whose packaging you were thinking of using. In any case
you could run the executables under some other user ID if you then
adjusted file ownerships and startup scripts appropriately.

regards, tom lane
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Plugge, Joe R.
2013-01-23 16:33:34 UTC
Permalink
Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the local user and group named postgres and chown the config and data dirs to that ....

PGDATA=/var/postgresql/log/data

-rw------- 1 postgres postgres 4 Jan 7 15:18 PG_VERSION
drwx------ 2 postgres postgres 4096 Jan 7 15:18 pg_twophase
drwx------ 4 postgres postgres 4096 Jan 7 15:18 pg_multixact
-rw------- 1 postgres postgres 1631 Jan 7 15:18 pg_ident.conf
-rw------- 1 postgres postgres 16908 Jan 7 15:18 orig_postgresql.conf
-rw------- 1 postgres postgres 3652 Jan 7 15:18 orig_pg_hba.conf
-rw------- 1 postgres postgres 17929 Jan 7 15:21 postgresql.conf
-rw------- 1 postgres postgres 4160 Jan 7 15:21 pg_hba.conf
drwx------ 6 postgres postgres 4096 Jan 11 17:19 base
-rw------- 1 postgres postgres 37 Jan 16 12:16 postmaster.opts
drwx------ 2 postgres postgres 4096 Jan 17 11:37 pg_clog
drwx------ 2 postgres postgres 4096 Jan 17 11:46 pg_subtrans
drwx------ 3 postgres postgres 4096 Jan 17 11:47 pg_xlog
drwx------ 2 postgres postgres 4096 Jan 17 11:47 pg_tblspc
drwx------ 2 postgres postgres 4096 Jan 18 10:51 pg_stat_tmp
drwx------ 2 postgres postgres 4096 Jan 18 10:51 global

-----Original Message-----
From: Tom Lane [mailto:***@sss.pgh.pa.us]
Sent: Wednesday, January 23, 2013 10:29 AM
To: Plugge, Joe R.
Cc: pgsql-***@postgresql.org
Subject: Re: [ADMIN] Installing Postgres without the postgres user and group on Linux?
Post by Plugge, Joe R.
Is it possible to install and then subsequently run the postgres engine on Linux without creating the postgres user and group? We have some folks implementing LDAP that are resistant to creating a postgres account and group and would rather create machine specific accounts (like one does for Windows with SQL Server).
The server source code has no particular allegiance to any OS username.
You can run it under whatever account you want.
Post by Plugge, Joe R.
I always thought that if the postgres user and group were not there upon install (which is done as root), that the installation process would create them for you, am I missing something?
Particular packagings of Postgres might act like that --- for instance, the Fedora/Red Hat RPMs would try to create such a user&group. But you did not say whose packaging you were thinking of using. In any case you could run the executables under some other user ID if you then adjusted file ownerships and startup scripts appropriately.

regards, tom lane
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Tom Lane
2013-01-23 17:03:44 UTC
Permalink
Post by Plugge, Joe R.
Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the local user and group named postgres and chown the config and data dirs to that ....
The unmodified Postgres sources will certainly do no such thing.

regards, tom lane
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Plugge, Joe R.
2013-01-23 17:31:09 UTC
Permalink
You are correct, it is because I ran initdb as user postgres .... I am following you now .. .thanks for the clarification.


-----Original Message-----
From: Tom Lane [mailto:***@sss.pgh.pa.us]
Sent: Wednesday, January 23, 2013 11:04 AM
To: Plugge, Joe R.
Cc: pgsql-***@postgresql.org
Subject: Re: [ADMIN] Installing Postgres without the postgres user and group on Linux?
Post by Plugge, Joe R.
Understood, but I thought that the install routine (in this case compiled from source on RHEL 6) will create the local user and group named postgres and chown the config and data dirs to that ....
The unmodified Postgres sources will certainly do no such thing.

regards, tom lane
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Loading...