On 2/13/23 16:14, Damian Carey wrote:
Thx Tom
Fine advice that I will follow up.
One tiny thing without wasting (too much) more of your time.
In the working "promiscuous" version they get access the VPS as the same linux user that my product is running on, and superuser PG access.
In the failed version their SSH login is as a different and very limited linux user, as well as their own postgres user name.
Still on a "permissions" theme ... is their any glaring issues that are required to provide a random linux user with permissions to access a DB?
(FYI every few years you graciously help me like this and I'm well aware of our skill difference and the vague questions I regurgitate. Kudos.)
I should wait for Tom to respond... What was the create user command? Or are you talking about the following? GRANT { { CREATE | CONNECT | TEMPORARY | TEMP } [, ...] | ALL [ PRIVILEGES ] } ON DATABASEdatabase_name
[, ...] TOrole_specification
[, ...] [ WITH GRANT OPTION ] [ GRANTED BYrole_specification
]