Postgres Pro
Downloads
Home   >   mailing lists

Re: "peer" authentication: cannot make "pg_ident.conf" work as I believe that the doc says that it should - Mailing list pgsql-general

From Peter J. Holzer
Subject Re: "peer" authentication: cannot make "pg_ident.conf" work as I believe that the doc says that it should
Date
Msg-id 20221030100427.7t3owveqhwn5cuxg@hjp.at
Whole thread Raw
In response to Re: "peer" authentication: cannot make "pg_ident.conf" work as I believe that the doc says that it should  (Bryn Llewellyn <bryn@yugabyte.com>)
Responses Re: Unix users and groups... Was: "peer" authentication...
List pgsql-general
Tree view 
On 2022-10-29 20:20:50 -0700, Bryn Llewellyn wrote:
> For the purpose of the tests that follow, I set up the O/S users "bob" and
> "mary" so that "id bob mary postgres" shows this:
>
> id=1002(bob)       gid=1001(postgres) groups=1001(postgres)
> uid=1003(mary)     gid=1001(postgres) groups=1001(postgres)

This has nothing to do with your problem, but don't do this. Normal
users should not be in group "postgres". That gives them access to some
files which are not readable by the public. It might be useful for
administrators, but AFAICS your test users aren't supposed to be that.

> uid=1001(postgres) gid=1001(postgres) groups=1001(postgres),27(sudo),114
> (ssl-cert)

And is there a reason for posgres to be in group sudo?

        hp

--
   _  | Peter J. Holzer    | Story must make more sense than reality.
|_|_) |                    |
| |   | hjp@hjp.at         |    -- Charles Stross, "Creative writing
__/   | http://www.hjp.at/ |       challenge!"
Attachment

pgsql-general by date:

Previous
From: "Peter J. Holzer"
Date:
Subject: Re: "peer" authentication: cannot make "pg_ident.conf" work as I believe that the doc says that it should
Next
From: Joe Conway
Date:
Subject: Re: Index corruption revealed after upgrade to 11.17, could date back to at least 11.12