Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On 11/3/22 18:50, Bryn Llewellyn wrote: adrian.kla...@aklaver.com wrote: It isn't you where using pg_ctl and in the Debian/Ubuntu packaging the better option for that is pg_ctlcluster. I generally use the systemd scripts to start/stop Postgres instances, 

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> adrian.kla...@aklaver.com wrote: > >> b...@yugabyte.com wrote: >> >> So only "postgres" can edit the files that must be so edited. > > That is not true [sudo vi some-file] which opens [it for editing]. By all means. I didn't bother to spell that out; > It isn't you where using pg_ctl an

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On 2022-11-03 15:37:07 -0700, Adrian Klaver wrote: > On 11/3/22 14:49, Bryn Llewellyn wrote: > > So only "postgres" can edit the files that must be so edited. > > That is not true: > > aklaver@arkansas:~$ whoami > aklaver > > > aklaver@arkansas:~$ sudo vi /etc/postgresql/14/main/pg_hba.conf > [

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On 11/3/22 14:49, Bryn Llewellyn wrote: I should make it clear that my VM has four "ordinary" users. Two are present on first use when VM creation finishes: the system administrator (called "parallels") and, of course, "root". The "parallels" user is enabled for "sudo". Installing PG brings "p

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> david.g.johns...@gmail.com wrote: > > Some repetition of what Adrian just posted ahead... > >> b...@yugabyte.com wrote: >> >> How can it be that the PG doc itself leads you by the hand to a regime where >> you need to use undocumented features? > > The documentation tries to make clear that

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> adrian.kla...@aklaver.com wrote: > >> b...@yugabyte.com wrote: >> >> Adrian gave me this link: >> https://ubuntu.com/server/docs/databases-postgresql >> Of course I'd read that right at the outset. The subtext is loud and clear. >> You need to do some things as the "postgres" user and some thi

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

 "Additionally, while reading the next chapter, Server Setup and Operation, is recommended if you are using a binary package the setup and operational environment it creates is likely to be somewhat different than what is described in this documentation.  Please read the documentation for the

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Wed, Nov 2, 2022 at 6:22 PM David G. Johnston wrote: > Some repetition of what Adrian just posted ahead... > > On Wed, Nov 2, 2022 at 3:31 PM Bryn Llewellyn wrote: > >> >> How can it be that the PG doc itself leads you by the hand to a regime >> where you need to use undocumented features? >>

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

Some repetition of what Adrian just posted ahead... On Wed, Nov 2, 2022 at 3:31 PM Bryn Llewellyn wrote: > > I did exactly that. And I selected "Linux" and under that "Ubuntu". Notice > that I did NOT select "Debian", though it was on offer, because that's not > what I have. If Ubuntu and Debian

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On 11/2/22 15:31, Bryn Llewellyn wrote: david.g.johns...@gmail.com EARLIER wrote: A strange mutual misunderstanding has arisen here. I suppose that it must be my fault. I have no interest whatsoever in "going down to first principles". And I most certainl

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> david.g.johns...@gmail.com EARLIER wrote: > > The postgres o/s user should be able to login using peer. It is a one-way > idea though. Wanting to login using peer says nothing about whether the user > getting that capability should be allowed to mess with the running server in > the operating

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On 11/1/22 13:20, Bryn Llewellyn wrote: david.g.johns...@gmail.com wrote: I know that I've been told off for allowing "sudo" for "postgres". I'm only experimenting on my laptop. But I want to be able to stop the server, delete the datafiles, create a

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Tue, Nov 1, 2022 at 1:39 PM David G. Johnston wrote: > On Tue, Nov 1, 2022 at 1:20 PM Bryn Llewellyn wrote: > >> >> All this leads to an obvious question: >> >> *«* >> *Given that all of the config files have been made readable by "group" >> (in contrast to the regime for the data files), wha

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Tue, Nov 1, 2022 at 1:20 PM Bryn Llewellyn wrote: > > About "opinionated package manager", I created my installation by > following the steps described here: > > https://wiki.postgresql.org/wiki/Apt > > Yes, apt is opinionated. And of important note here - its opinions, and the supplemental w

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> david.g.johns...@gmail.com wrote: > >> b...@yugabyte.com wrote: >> >> It would seem proper to put any user who you want to set up for "local", >> "peer" authentication into the "postgres" group > > Did you really mean to write that? > > The postgres o/s user should be able to login using pee

Aw: Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

> The client user should *never* read the PostgreSQL configuration files, so if > changing > the permissions (which you should *never* do) has an effect, you must be > doing something > very strange, like trying to start the database server with the wrong user. It smells of trying to *embed* Pos

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Mon, 2022-10-31 at 22:03 -0700, Bryn Llewellyn wrote: > I followed Peter's recommendation NOT to put my "clstr_mgr" O/S user in the > "postgres" > group—having earlier had it there. But doing so brought this content-free > error message > on an attempt to authorize using the intended method: >

Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Mon, Oct 31, 2022 at 10:03 PM Bryn Llewellyn wrote: > It would seem proper to put any user who you want to set up for "local", > "peer" authentication into the "postgres" group > Did you really mean to write that? The postgres o/s user should be able to login using peer. It is a one-way ide

Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

I followed Peter's recommendation NOT to put my "clstr_mgr" O/S user in the "postgres" group—having earlier had it there. But doing so brought this content-free error message on an attempt to authorize using the intended method: Error: Invalid data directory for cluster 11 main A bit of Googlin