Thx Tom
Fine advice that I will follow up.
One tiny thing without wasting (too much) more of your time.
In the working "promiscuous" version they get access the VPS as the same linux user that my product is running on, and superuser PG access.
In the failed version their SSH login is as a different and very limited linux user, as well as their own postgres user name.
Still on a "permissions" theme ... is their any glaring issues that are required to provide a random linux user with permissions to access a DB?
(FYI every few years you graciously help me like this and I'm well aware of our skill difference and the vague questions I regurgitate. Kudos.)
Thx
-Damian
Damian Carey <jamianb@gmail.com> writes:
> The PP product is on MSSQL, so they use some connector (sorry, no idea
> what) from the customer PC to access my PG14 on Ubuntu.
Black boxes are fun aren't they.
> This is their screenshot supplied to me of a working connection ....
> [image: image.png]
> Below is our second trial/proof-of-concept where I tried to limit them to
> ONLY need-to-know on the one shared database they read from.
> It seems they are accessing (the one and only) PG cluster on the VPS, but
> no database is visible, only "default".
> [image: image.png]
These images didn't come through, but they probably wouldn't have
added anything anyway.
It seems that either their connector is doing something strange or
you misconfigured things on your side, but there's no evidence here
to say which. I'd counsel enabling log_connections, and maybe
log_statements too, and then looking into the postmaster log to see
what happens when they try to connect.
regards, tom lane