I want to be able to run dropdb mydb. However, when I try to as my normal user I get:
dropdb: error: database removal failed: ERROR: must be owner of database mydb
Now I know that I can just do:
sudo -u postgres dropdb mydb
but that's annoying if I'm trying to script the dropping and re-creation of a DB, because I have to manually enter my sudo password.
I've mostly been able to avoid having to sudo to the postgres user by having a pg_hba.conf with:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
But for some reason dropdb doesn't seem to respect my pg_hba.conf. Is there some way to make it, so that I can just run dropdb as my regular user?
EDIT: And the same question applies with createdb. I can actually change the DB owner to be able to drop it (thanks stickybit!) ... but then I can't re-create it after.
Unless you're the owner of the database try to pass the -U option with the database owner (or a superuser).
dropdb -U <the database owner> <the database name>
To get the owner of a database you can query the catalog:
SELECT rol.rolname
FROM pg_database dat
LEFT JOIN pg_authid rol
ON rol.oid = dat.datdba
WHERE datname = '<your database name>';
(The above command can be run in psql or any other client, but must be run as the database superuser, e.g. postgres on most UNIX-based systems.)
To be able to create databases (with createdb or other means), you need to grant yourself the privilege to create databases.
ALTER USER <your user name> CREATEDB;
(Again, that can be run in psql or any other client, but must be run as database super user, e.g. postgres.)
You then should be the owner of the database automatically unless you specify otherwise and can therefore drop it again.
Of course you can also grant yourself superuser privileges analogously.
ALTER USER <your user name> SUPERUSER;
I want to connect to my postgresql when running my python program. The issue i face is that my username is dave, but i can only access my database with the user postgres on linux. This constellation never failed me on my mac, because i could start postgres from my "dave" user account. With linux (ubuntu) i can only connect to the database with psql, when switching my user with *sudo -su postgres to the postgres user.
How am i able to start my program from my user dave while accessing the database?
You'll have to create a user called dave:
Log on using sudo -u postgres
create database davedb;
create user dave with encrypted password 'testing';
grant all privileges on database davedb to dave;
Then, you can log in from your username itself like so:
psql dave davedb
--or--
psql -U dave -d davedb
If it asks you for your password, type it. You should be in then.
I've installed MemSQL community edition (single host cluster) and all is working well. I need to allow remote access to the database, but MemSQL installs the user root without a password. If I open up the 3306 port on the firewall, memSQL happily allows anyone to log in as root without a password.
I've tried to change the root user password via
mysqladmin -u root -h 127.0.0.1 password abc123
but I get the error of
mysqladmin: unable to change password; error: 'Unknown system variable 'password''
I also tried to change after connecting as root. all of these fail:
mysql> SET PASSWORD = 'abc123';
ERROR 1193 (HY000): Unknown system variable 'PASSWORD'
mysql> SET PASSWORD = PASSWORD('abc123');
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('abc123')' at line 1
mysql> SET PASSWORD = OLD_PASSWORD('abc123');
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('abc123')' at line 1
So I'm stuck. The docs for MemSQL are pretty lightweight on this issue as well, and they don't seem to have a community page where I can ask about this. I figure it's something really simple that I'm trying to do, not sure why it's so difficult, and for that matter, I'm not sure why MemSQL defaults to no security at all.
Any ideas?
In the June 2015 release of MemSQL Ops, you can now change the root password with one command using the memsql-update-root-password command. See these links for more information:
http://docs.memsql.com/4.0/ops/cli/MEMSQL-UPDATE-ROOT-PASSWORD/
http://docs.memsql.com/4.0/admin/security/#adding-or-updating-the-root-password
I hope this helps!
In MemSQL to change a password of a user you should use the GRANT command:
grant all on *.* to 'root'#'localhost' identified by 'password' with grant option;
grant all on *.* to 'root'#'%' identified by 'password' with grant option;
Refer to the manual of the GRANT command and to a very detailed manual of configuring the cluster security:
http://docs.memsql.com/latest/ref/GRANT/
http://docs.memsql.com/latest/admin/security/#configuring-password-security
Try
mysql --user=root --password=abc123 --host=127.0.0.1
or
mysql -u root -p abc123 -h 127.0.0.1
Reference: Mysql man page.
You can change the root password with:
GRANT ALL ON *.* TO "root"#"%" IDENTIFIED BY 'password' WITH GRANT OPTION
I observed one strange thing while changing password for root user in mysql as below.
mysqladmin -u root password 'mypassword'
Got error as
mysqladmin: unknown variable 'database=mydatabase'
The reason for this is mydatabase variable has been set in the /etc/my.cnf file. I commented out that line, then everything works fine.
I though of sharing this in this thread.
I want to create user and database in linux server.
I am able to create user with the following code:
su - postgres
# createuser -S -D -R myUser
but when I tried to create database with code :
# createdb -U myUser -p 5432 myDatabase
I get following error:
createdb: could not connect to database postgres: FATAL: Ident authentication failed for user "myUser"
I am new to linux so I am unable to figure out why I was able to create user but while creating database there is connection error with postgres. And also error for ident
authentication for user.
I am new to linux so I am unable to figure out why I was able to create user but while
creating database there is connection error with postgres. And also error for ident
authentication for user.
ident is an authentication schema that relies on the currently logged in user. If you've su -s to postgres and then try to login as another user, ident will fail (as it's not the currently logged in user). You can solve this issue in two ways, I tend to use the latter.
solution: simply make sure the currently logged in user is the user with which you would like to log in to postgres:
postgres#machine:~$ createuser -S -D -R myUser
postgres#machine:~$ exit
machine:~# su - myUser
myUser#machine:~$ psql myDatabase
better solution: change pg_hba.conf (probably located in /etc/postgresql/8.4/main/ or similar), and make sure you add the "md5" authentication schema to the list of options. Here's my pg_hba.conf on my development box, without comments:
berry#berry-pc:~$ sudo cat /etc/postgresql/8.4/main/pg_hba.conf | grep -v "^#" | grep -v "^$"
local all postgres ident
local all all md5
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
This tells PostgreSQL that postgres can login with ident, and all other users can login using the md5 authentication. That way, you can use the -U switch to the psql binary to denote which user you wish to become, so this actually works:
berry#berry-pc:~$ psql -U myUser myDatabase.
That said, I tend to use the postgres superuser to create databases. I then grant permissions on the newly created database to the newly created user, as such:
postgres#debian:~$ psql template1
template1=# CREATE USER myUser WITH PASSWORD 'myPassword';
CREATE ROLE
template1=# CREATE DATABASE myDatabase;
CREATE DATABASE
template1=# GRANT ALL PRIVILEGES ON DATABASE myDatabase TO myUser;
GRANT
template1=# \q
Hope that helps.
ADDENDUM: Once you've altered the pg_hba.conf, you will have to restart the PostgreSQL server to make sure it reads the configuration again. You can do so by issuing this command:
root#debian:~$ /etc/init.d/postgresql-8.4 restart
The script might be called "postgresql" instead of "postgresql-8.4", depending on OS and method of installation.
I have just installed postgresql and I specified password x during installation.
When I try to do createdb and specify any password I get the message:
createdb: could not connect to database postgres: FATAL: password authentication failed for user
Same for createuser.
How should I start?
Can I add myself as a user to the database?
The other answers were not completely satisfying to me. Here's what worked for postgresql-9.1 on Xubuntu 12.04.1 LTS.
Connect to the default database with user postgres:
sudo -u postgres psql template1
Set the password for user postgres, then exit psql (Ctrl-D):
ALTER USER postgres with encrypted password 'xxxxxxx';
Edit the pg_hba.conf file:
sudo vim /etc/postgresql/9.1/main/pg_hba.conf
and change "peer" to "md5" on the line concerning postgres:
local all postgres peer md5
To know what version of postgresql you are running, look for the version folder under /etc/postgresql. Also, you can use Nano or other editor instead of VIM.
Restart the database :
sudo /etc/init.d/postgresql restart
(Here you can check if it worked with psql -U postgres).
Create a user having the same name as you (to find it, you can type whoami):
sudo createuser -U postgres -d -e -E -l -P -r -s <my_name>
The options tell postgresql to create a user that can login, create databases, create new roles, is a superuser, and will have an encrypted password. The really important ones are -P -E, so that you're asked to type the password that will be encrypted, and -d so that you can do a createdb.
Beware of passwords: it will first ask you twice the new password (for the new user), repeated, and then once the postgres password (the one specified on step 2).
Again, edit the pg_hba.conf file (see step 3 above), and change "peer" to "md5" on the line concerning "all" other users:
local all all peer md5
Restart (like in step 4), and check that you can login without -U postgres:
psql template1
Note that if you do a mere psql, it will fail since it will try to connect you to a default database having the same name as you (i.e. whoami). template1 is the admin database that is here from the start.
Now createdb <dbname> should work.
Under Linux PostgresQL is usually configured to allow the root user to login as the postgres superuser postgres from the shell (console or ssh).
$ psql -U postgres
Then you would just create a new database as usual:
CREATE ROLE myuser LOGIN password 'secret';
CREATE DATABASE mydatabase ENCODING 'UTF8' OWNER myuser;
This should work without touching pg_hba.conf. If you want to be able to do this using some GUI tool over the network - then you would need to mess with pg_hba.conf.
There are two methods you can use. Both require creating a user and a database.
Using createuser and createdb,
$ sudo -u postgres createuser --superuser $USER
$ createdb mydatabase
$ psql -d mydatabase
Using the SQL administration commands, and connecting with a password over TCP
$ sudo -u postgres psql postgres
And, then in the psql shell
CREATE ROLE myuser LOGIN PASSWORD 'mypass';
CREATE DATABASE mydatabase WITH OWNER = myuser;
Then you can login,
$ psql -h localhost -d mydatabase -U myuser -p <port>
If you don't know the port, you can always get it by running the following, as the postgres user,
SHOW port;
Or,
$ grep "port =" /etc/postgresql/*/main/postgresql.conf
Sidenote: the postgres user
I suggest NOT modifying the postgres user.
It's normally locked from the OS. No one is supposed to "log in" to the operating system as postgres. You're supposed to have root to get to authenticate as postgres.
It's normally not password protected and delegates to the host operating system. This is a good thing. This normally means in order to log in as postgres which is the PostgreSQL equivalent of SQL Server's SA, you have to have write-access to the underlying data files. And, that means that you could normally wreck havoc anyway.
By keeping this disabled, you remove the risk of a brute force attack through a named super-user. Concealing and obscuring the name of the superuser has advantages.
This is my solution:
su root
su postgres
psql
EDIT: Warning: Please, read the answer posted by Evan Carroll. It seems that this solution is not safe and not recommended.
This worked for me in the standard Ubuntu 14.04 64 bits installation.
I followed the instructions, with small modifications, that I found in http://suite.opengeo.org/4.1/dataadmin/pgGettingStarted/firstconnect.html
Install postgreSQL (if not already in your machine):
sudo apt-get install postgresql
Run psql using the postgres user
sudo –u postgres psql postgres
Set a new password for the postgres user:
\password postgres
Exit psql
\q
Edit /etc/postgresql/9.3/main/pg_hba.conf and change:
#Database administrative login by Unix domain socket
local all postgres peer
To:
#Database administrative login by Unix domain socket
local all postgres md5
Restart postgreSQL:
sudo service postgresql restart
Create a new database
sudo –u postgres createdb mytestdb
Run psql with the postgres user again:
psql –U postgres –W
List the existing databases (your new database should be there now):
\l
In MacOS, I followed the below steps to make it work.
For the first time, after installation, get the username of the system.
$ cd ~
$ pwd
/Users/someuser
$ psql -d postgres -U someuser
Now that you have logged into the system, and you can create the DB.
postgres=# create database mydb;
CREATE DATABASE
postgres=# create user myuser with encrypted password 'pass123';
CREATE ROLE
postgres=# grant all privileges on database mydb to myuser;
GRANT
If you're running macOS like I am, you may not have the postgres user.
When trying to run sudo -u postgres psql I was getting the error sudo: unknown user: postgres
Luckily there are executables that postgres provides.
createuser -D /var/postgres/var-10-local --superuser --username=nick
createdb --owner=nick
Then I was able to access psql without issues.
psql
psql (10.2)
Type "help" for help.
nick=#
If you're creating a new postgres instance from scratch, here are the steps I took. I used a non-default port so I could run two instances.
mkdir /var/postgres/var-10-local
pg_ctl init -D /var/postgres/var-10-local
Then I edited /var/postgres/var-10-local/postgresql.conf with my preferred port, 5433.
/Applications/Postgres.app/Contents/Versions/10/bin/postgres -D /Users/nick/Library/Application\ Support/Postgres/var-10-local -p 5433
createuser -D /var/postgres/var-10-local --superuser --username=nick --port=5433
createdb --owner=nick --port=5433
Done!
Note: textdb is the database which you are going to explore with 'alex' user
root#kalilinux:~# sudo su - postgres
postgres=# psql
postgres=# create database testdb;
postgres=# create user alex with password 'alex';
postgres=# GRANT ALL PRIVILEGES ON DATABASE testdb TO alex;`enter code here`
You probably need to update your pg_hba.conf file. This file controls what users can log in from what IP addresses. I think that the postgres user is pretty locked-down by default.
Just browse up to your installation's directory and execute this file "pg_env.bat", so after go at bin folder and execute pgAdmin.exe. This must work no doubt!