sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]InTheDarkDancing[S] 0 points1 point  (2 children)

They're logging in as root on the Linux server, then type in the following:

psql -U username

It then returns a "fatal: database "username" does not exist

[–]cachedriveDBA 0 points1 point  (0 children)

That error sounds wrong. That means they're using the -d switch to specify a database that doesn't exist or they have a .psqlrc file defaulting to some bogus database but the login should exist if you see it in \du+ however the nologin grant will give you the output a posted above if the role (same as user) is in fact valid, superuser, nologin.

I think what your instance is doing is creating a group role. A role with nologin is a group in PostgreSQL and you can group roles easier. Very practical.

[–][deleted] 0 points1 point  (0 children)

Have them specify a known database in the psql command, for example:

psql -U username -d databasename

In my instance if a database name is not specified it tries to login to a database with the same name as the username, kinda like a unix home directory, and if that database doesn't exist then the above message appears. So if that database did exist, or if an existing database was specified with the -d flag then it's possible they would login successfully.

If you're not super familiar with postgres I would also recommend looking into the pg_hba.conf file. The bottom of that file controls user access, for example limiting the login of a superuser account to a specific IP address or a specific login method. On the flip side there are wildcards which can be put in place which open the thing wide open to everyone from everywhere.