I installed postgreSQL by default with apt-get and I believe it has automatically added a user for me called “postgres”.
- I only have one database that I want to sort on postgres, so is there any point creating another user account for this database or should I just keep with the one which is installed with postgreSQL “postgres”?
- The user account postgres which is made for me, is it given some kind of default password? Is it recommended that I put in my own password?
EDIT: I misinterpreted the question, the OP is asking about internal users, not system users
Original Answer: System users for running servers
Most services running on a Linux box are given their own independent user, as a standard security practice. In the off-chance that the postgreSQL server was compromised — either you made a mistake, or there was a vulnerability in postgresql, or whatever — the attacker can only gain access to the resources allowed to the user running the postgresql server. If that user is root, you lose the machine. If that user is your user, you lose not quite as much. If that user is postgres, which only has minimal access to anything... you lose the database, and that’s all.
So:
You merely need a single user for the postgreSQL server, regardless of what, exactly, that server process is hosting. If (it sounds like one was) a user was created for you automatically, you’re all set with this step. If you need to make one manually (sounds like you don’t), you would also have to change the permissions so that the new user can access only what it needs to.
That account very possibly cannot be directly logged into; if it has a password at all it’s a lot of random data. In order to use the account, you need to start out as root, and then voluntarily “downgrade” yourself to postgres. In the case of the server, root starts the server “under the name of” postgres. I would advise leaving it alone.
Second Answer: Database users
Once you have a server running, the server will keep its own set of users, for the purposes of accessing the database. The simplest architecture you could use there is just having a base user with full permissions do everything. While this works, it is not advised if you are hosting this externally. A more preferable solution is to have a set of users, similar to how the OS is set up: a bunch of users to do specific tasks, and one admin user to rule them all. That said:
You don’t have to, but if you are going to host this anywhere (if you’re not just using it for personal things, and it’s world-accessible), I would advise extra users with limited permissions.
http://archives.postgresql.org/pgsql-admin/2001-10/msg00192.php
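
The layout described under "Database users" (one admin role plus task-specific roles with limited permissions), written out as an added example that is not part of the original answer. The names appdb, app_owner, app_rw and app_ro are assumptions, and the script is meant to be run in psql as the postgres superuser.

```sql
-- Added example. Run in psql as the postgres superuser (sudo -u postgres psql).
-- appdb, app_owner, app_rw and app_ro are hypothetical names.

-- Owner role: holds the schema objects, cannot log in directly.
CREATE ROLE app_owner NOLOGIN;
CREATE DATABASE appdb OWNER app_owner;

-- Task roles: no superuser, no role or database creation rights.
CREATE ROLE app_rw LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
CREATE ROLE app_ro LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- Set passwords interactively so the cleartext does not end up in
-- shell history or server logs (psql hashes it before sending).
\password app_rw
\password app_ro

-- By default every role may connect to a new database; restrict that.
REVOKE ALL ON DATABASE appdb FROM PUBLIC;
GRANT CONNECT ON DATABASE appdb TO app_rw, app_ro;

\connect appdb

-- Stop arbitrary roles from creating objects in the public schema.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO app_rw, app_ro;

-- Privileges on tables and sequences that already exist.
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO app_rw;
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO app_rw;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO app_ro;

-- Privileges on objects app_owner creates later.
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA public
    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_rw;
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA public
    GRANT USAGE, SELECT ON SEQUENCES TO app_rw;
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA public
    GRANT SELECT ON TABLES TO app_ro;

-- Check: of these roles, only postgres should show rolsuper = t.
SELECT rolname, rolsuper, rolcreatedb, rolcreaterole, rolcanlogin
FROM pg_roles
WHERE rolname IN ('postgres', 'app_owner', 'app_rw', 'app_ro');
```

The application then connects as app_rw or app_ro, and postgres is used only for administration.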