I've browsed my history of the list, and the Internet for
information
regarding giving the unix 'postgres' user a shell of /bin/false, so
that it cannot be logged into directly. It seems from my research
that
if I set the user's shell to /bin/false it will not prevent the
running of postgres itself.
In at least FreeBSD, the standard ports way of setting PGSQL user to
use /usr/bin/nologin as shell works well enough. You get the regular
shell interface from SU'ing or sudoing into account, but you cannot
login into box directly.
Is the nologin "shell" BSD only feature though?
-Reko
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
