On Fri, May 22, 2009 at 9:49 AM, Peter Eisentraut <peter_e@gmx.net> wrote:
On Friday 22 May 2009 06:51:42 Cliff Pratt wrote: > I've browsed my history of the list, and the Internet for information > regarding giving the unix 'postgres' user a shell of /bin/false, so > that it cannot be logged into directly. It seems from my research that > if I set the user's shell to /bin/false it will not prevent the > running of postgres itself.
I think it could work, but I don't think it is to be recommended. Sometimes you want to log in as that user to be able to do certain types of special administration or fixes. For example, if you ever need to run pg_resetxlog, you probably want to be logged in as postgres, unless you are very confident that your su or sudo invocations are correct and don't mess up the permissions of the database directory in strange ways.
Maybe disabling the password of the account and allowing login only via sudo is close to what you want, but ends up being more flexible.
It will work, the only problem you'll run into is the startup scripts. Typically (and this depends on the package you're using), your startup script is probably using 'su postgres' to run pg_ctl. You would need to modify that line to use 'su -c /bin/sh .... ' or something of the like to have those scripts work.
