Thread: psql -U postgres does not require a password
I've just upgraded Redhat RPMs from Postgres 6.5.3 to 7.0.2 on two servers and run into the same problem on both. When I call the client psql: psql database_name -U postgres I'm not asked for a password and every user can access the database with postgres privileges. The password for postgres user is set (if I do a "select * from pg_shadow" I can see it). In addition this happens with every user, not just with postgres. What am I doing wrong ? Thanks. Silvan
Mon, 6 Nov 2000 12:11:20 +0100, SILVAN wrote: > > I've just upgraded Redhat RPMs from Postgres 6.5.3 to 7.0.2 on two servers > and run into the same problem on both. When I call the client psql: > > psql database_name -U postgres > > I'm not asked for a password and every user can access the database with > postgres privileges. > The password for postgres user is set (if I do a "select * from pg_shadow" I > can see it). In addition this happens with every user, not just with postgres. > > What am I doing wrong ? > Thanks. > > Silvan > I'm not really a postgres admin professional so accept my execuses in case this hint is to dumb. Your password setting might have been kept in your pg_shadow table while upgrading. It's just a table internal to the database, after all. As far as I know, _Access_ is controlled by a file "pg_hba.conf" which is _external_ to the database. I could imagine that your migration install has simply overwritten the external file while preserving internal tables. A default pg_hba.conf leads to the behavior described: anyone can access any database with just a username. So please chekc this file. HTH Hans --------------------------------------------------------------------- Dr. Hans C Waldmann Methodology & Applied Statistics in Psychology & the Health Sciences ZFRF / University of Bremen / Grazer Str 6 / 28359 Bremen / Germany waldmann@samson.fire.uni-bremen.de / http://samson.fire.uni-bremen.de friend of: AIX PERL ADABAS SAS TEX ---------------------------------------------------------------------
Silvan Calarco writes: > psql database_name -U postgres > > I'm not asked for a password and every user can access the database with > postgres privileges. psql only asks for a password if the server requires password authentication. Look into pg_hba.conf how to set that up. (Might be in /var/lib/pgsql/... on your system.) -- Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
"Dr. Hans-Christian Waldmann" wrote: > which is _external_ to the database. I could imagine that your migration > install has simply overwritten the external file while preserving internal > tables. A default pg_hba.conf leads to the behavior described: anyone can > access any database with just a username. So please chekc this file. The upgrade procedure calls for a dump, then an initdb (done by the startup script), then a restore. The passwords, etc, are dumped and restored -- but pg_hba.conf is not copied in any way. The initdb would in fact overwrite this file -- which, if the recommendations in the upgrade docs (README.rpm) were followed, there should be a copy of that file in the backup directory. -- Lamar Owen WGCR Internet Radio 1 Peter 4:11