pg_settings

pg_hba.conf
主机名和端口:Find the host name and port using PSQL commands

  1. SELECT * FROM pg_settings WHERE name = 'port';

用户和权限管理

一个数据库对应一个用户,以Linux普通用户的身份连接此数据库。
默认的用户/数据库是postgres,通过sudo su -postgres连接。

  1. # 以用户登录
  2. psql -U '用户名' 
  4. # 查看所有用户
  5. \du

  • [x] Peer authentication

    Peer authentication The peer authentication method works by obtaining the client’s operating system user name from the kernel and using it as the allowed database user name (with optional user name mapping). This method is only supported on local connections.

    Password authentication The password-based authentication methods are md5 and password. These methods operate similarly except for the way that the password is sent across the connection, namely MD5-hashed and clear-text respectively. If you are at all concerned about password “sniffing” attacks then md5 is preferred. Plain password should always be avoided if possible. However, md5 cannot be used with the db_user_namespace feature. If the connection is protected by SSL encryption then password can be used safely (though SSL certificate authentication might be a better choice if one is depending on using SSL).

  • [ ] 命令行方式登录PostgreSQL、创建用户和数据库并赋权

    修改postgres用户的密码(linux用户)

    ```bash 需要在root用户下修改

  1. 修改linux系统postgres用户的密码 PostgreSQL会创建一个默认的linux用户postgres,修改该用户密码的方法如下:

步骤一:删除用户postgres的密码

sudo passwd -d postgres

步骤二:设置用户postgres的密码

sudo -u postgres passwd

系统提示输入新的密码

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

  1. <a name="QBBFg"></a>
  2. # 角色管理
  3. [第21章数据库角色](http://postgres.cn/docs/10/user-manag.html)
  4. ```sql
  5. CREATE role name;
  7. DROP role name;
  9. SELECT rolename FROM pg_roles;
  1. CREATE ROLE name [ [ WITH ] option [ ... ] ]
  3. where option可以是:
  5.       SUPERUSER | NOSUPERUSER
  6.     | CREATEDB | NOCREATEDB
  7.     | CREATEROLE | NOCREATEROLE
  8.     | INHERIT | NOINHERIT
  9.     | LOGIN | NOLOGIN
  10.     | REPLICATION | NOREPLICATION
  11.     | BYPASSRLS | NOBYPASSRLS
  12.     | CONNECTION LIMIT connlimit
  13.     | [ ENCRYPTED ] PASSWORD 'password' | PASSWORD NULL
  14.     | VALID UNTIL 'timestamp'
  15.     | IN ROLE role_name [, ...]
  16.     | IN GROUP role_name [, ...]
  17.     | ROLE role_name [, ...]
  18.     | ADMIN role_name [, ...]
  19.     | USER role_name [, ...]
  20.     | SYSID uid