There is a CLI option --serviceaccount <username> which a user
can use to make any user the owner of postgres service and data files.
Also, if you choose 'postgres' as the service account and the
'postgres' user doesn't exist. The installer will create postgres as a
'locked' user account. Thats the reason you dont see 'postgres' listed
as any other normal user. These steps were taken to enhance the
security of the data folder.
Again, anytime a user is free to use any account as the service account
and not use 'postgres'.
On 4/2/10 12:37 PM, John Gage wrote:
Then I don't understand why the installer doesn't do the
same thing.
Or, in the alternative, why it doesn't ask you what you want these
parameters to be.
I would say that, typically, someone installing postgres does it,
conceivably, as root or, more likely, as a user.
What he or she doesn't do is install it as user 'postgres'.
Yet, that is what the one-click installer does. I do not believe that
this is intuitive. What is more, gratuitiously adding a user to the
system doesn't seem to make a whole lot of sense.
In addition, all other one-click installations on the Mac either don't
ask for root privileges, because they don't need them, or ask for them,
but still install under the current user. Some installations will even
ask whether you want the application usable by all users of the machine
or just you.
But none, repeat none, create a new user.
What is more, through standard unix commands such as "who" or "cat
/etc/passwd", I cannot find the user 'postgres' on my machine...even
though he is the owner of the Postgres data files...on my machine.
There's the rub. 'postgres' owns files...my files...on my machine, yet
he is not on my machine. Not good.
I should add that I am an accolyte of Postgres and am only raising this
(possible) issue in the most positive spirit I am capable of. In
addition, I think that the people on this list are superb, and the
responses are unbelievably helpful and accurate.
John
On Apr 2, 2010, at 8:29 AM, John R Pierce wrote:
John Gage wrote:
The 8.4.2 documentation says:
"The default user name is your Unix user name, as is the default
database name."
when you as a user connect to the database server the commands like
psql, pg_dump, etc all use your unix username as the default for the
database username, and your username as teh default for the database
name, unless you specify a different user and/or database on hte
command line.
|
