Schmid Andreas <andreas.sch...@bd.so.ch> writes:
> I'm trying to add a new DB user with the following command from my client
> machine:
> createuser -h my.host.name -U mysuperusername --pwprompt newusername
> I'm getting the following message:
> createuser: could not connect to database postgres: FATAL: no pg_hba.conf
> entry for host "10.0.0.1", user "mysuperusername", database "postgres", SSL on
> Now, it's true that our pg_hba.conf doesn't allow access to the postgres
> database. We did this intentionally, as usually no one needs to connect to
> this database.
That may have been intentional but it was still a bad decision; the entire
point of the postgres database is to have a default landing-place for
connections that don't need to connect to a specific database within
the cluster.
> So I tried to do
> export PGDATABASE=sogis
> before the createuser command. But no success. Does anyone know of another
> way to achieve what I'm trying?
CREATE USER?
> I whish to do it with createuser rather than with the SQL command CREATE USER
> because this way I can avoid the password for the new user to show up
> anywhere in the history.
If by "history" you're worried about the server-side statement log, this
is merest fantasy: the createuser program is not magic, it just constructs
and sends a CREATE USER command for you. You'd actually be more secure
using psql, where (if you're superuser) you could shut off log_statement
for your session first.
If by "history" you mean ~/.psql_history, you could turn that off (psql -n)
or to protect the password specifically, you could use psql's \password
command.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
