How do I access PostgreSQL by both socket and port? - postgresql

I have started a PostgreSQL process as follows:
pg_ctl start -w -D /path/to/data -l /path/to/log -o "-F -k /path/to/unix/socket -h ''"
(alternatively -h '*' instead of -h '')
Aside, references for pg_ctl (the outer function) and postgres (the -o parameter)
and created a user (with password) and database:
createuser -P admin
createdb -O admin db
I can connect to the database via the unix socket (does not trigger a password prompt):
psql -h /path/to/unix/socket -U admin -d dbname
but connecting via the TCP port fails:
psql -h localhost -U admin -d dbname
Password for user snaprevs_admin:
psql: FATAL: password authentication failed for user "admin"
What do I need to change so that both the unix socket and TCP connections work as expected?

If you are performing a custom pg_ctl launch, you should check that there isn't a default service already running. If there is it will consume the default TCP port.
To stop the default service and prevent it from starting on next boot:
sudo systemctl disable postgresql --now
If you only want to stop it temporarily:
sudo service postgresql stop
You should now be able to stop and re-start your custom service (with -h '*'), then log in over TCP.

Related

Postgresql & OpenBSD first connexion

I don't understand how Postgres works with openBSD. I didn't have these problems with debian (I don't have to do the initdb).
I did as follow
pkg_add postgresql-server php-pgsql
su - _postgresql
initdb -D /var/postgresql/data -U postgres - E UTF8 -A md5 -W
But after that, I don't have the result that I expect
I can start the database with
pg_ctl -D /var/postgresql/data/ -l logfile start
or with
rcctl enable postgresql
rcctl start postgresql
But I don't understand how to connect to it
Because if I do:
# su - _postgresql
$ psql
Password:
psql: FATAL: password authentication failed for user "_postgresql"
Why it's the _postgresql user and not postgres?
Which password I'm supposed to use?
This is the pg_hba.conf, I changed the end,
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32
password
# IPv6 local connections:
host all all ::1/128 md5
So with this, I think, i'm login but I have a new probleme, there is really something I don't understand
$ pg_ctl -D /var/postgresql/data/ -l logfile stop
waiting for server to shut down.... done
server stopped
$ pg_ctl -D /var/postgresql/data/ -l logfile start
server starting
$ psql
psql: FATAL: role "_postgresql" does not exist
thanks
So the normal case when a create a new database is
With the user
su - _postgresql
initdb -D /var/postgresql/data -U postgres -k -E UTF8 -A md5 -W
and you have to chose a password
Start the database
pg_ctl -D /var/postgresql/data/ -l logfile start
And you can easily login with
psql -U postgres
But if it didn't work, i suppose i did a mistake with the password
With the user
su - _postgresql
First I need to change the ph_hba.conf to trust
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
so when I start the database with
pg_ctl -D /var/postgresql/data/ -l logfile start
so I can login with the postgres user
psql -U postgres
And finaly change the password
ALTER USER postgres WITH PASSWORD '123';
Don't forget the " ; " at the end!
Change the pg_hba.conf file
First I need to change the ph_hba.conf to password (or maybe MD5)
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all password
And restart
pg_ctl -D /var/postgresql/data/ -l logfile stop
pg_ctl -D /var/postgresql/data/ -l logfile start
And i can finaly login properly
psql -U postgres

How to connect to an alternative local postgresql cluster for the fist time?

In Ubuntu 16.04 I created second postgres database cluster, called cmg, with a local user as the admin user:
pg_create -u "local_username" -g "local_usergroup" -d /path/to/data/dir 9.5 cmg
The cluster was started with:
pg_ctrlcluster 9.5 cmg start
which ran successfully (pg_lsclusters show both are online)
The problem is I cannot connect to the cluster using psql as is normally done.
I tried using:
psql -h 127.0.0.1 -w -p5433 -U local_username
which fails with:
psql: fe_sendauth: no password supplied"
Is there any way to connect to the specific cluster?
use psql -h your_socket_dir -p5433 -U postgres to connect locally (uses peer auth by default - thus high chahce to login wothout password)
once logged in - set up password (create user if needed) and use it connecting remotely
psql -h 127.0.0.1 -p5433 -U local_username
in your connect string you had -w which is never ask for a password https://www.postgresql.org/docs/current/static/app-psql.html which would by default work only for local connections
I think the default pg_hba.conf when you start up a new cluster expects you to authenticate with peer connections, so you need to change user to your local user before connecting
[root#server~]# su - local_username
>> Enter password:
> password
[local_username#server~]# psql -h 127.0.0.1 -p 5433
You can check your pg_hba.conf file in /path/to/data/dir/pg_hba.conf to see how it expects you to authenticate.
Alternatively, if you cannot get access as your 'local_username' then instead su to postgres user in the instructions above and it should work

pg_dump from remote server to localhost

Hi can anyone help me dump from a postgreSQL database on a remote AWS server to a postgreSQL database on my local machine.
I've been trying to do it using the answer in this stack post but it keeps failing.
The command I'm using is
pg_dump -C -h ssh ubuntu#ec2-59-16-143-85.eu-west-1.compute.amazonaws.com -U dev_user paycloud_dev | psql -h localhost -U dev_user paycloud_dev
But I keep getting the error
pg_dump: too many command-line arguments (first is "paycloud_dev")
Can't figure out what I'm doing wrong
Just to add, dev_user is the role I've set up in postgreSQL on both the local machine and remote server. paycloud_dev is the name of the database on both (owner is dev_user)
Edit 1
Tried the command below as per a post that has since been deleted for some reason
pg_dump -C -h ec2-59-16-143-85.eu-west-1.compute.amazonaws.com -U dev_user paycloud_dev | psql -h localhost -U dev_user paycloud_dev
This is now giving me the error
pg_dump: [archiver (db)] connection to database "paycloud_dev" failed: could not connect to server: Connection refused
Is the server running on host "ec2-59-16-143-85.eu-west-1.compute.amazonaws.com" (59.16.143.85) and accepting
TCP/IP connections on port 5432?
I went on to AWS and noted that is the elastic ip of the server. I then tried the following (the private IP address)
pg_dump -C -h 170.30.43.35 -U dev_user paycloud_dev | psql -h localhost -U dev_user paycloud_dev
This asks me for the password for paycloud_dev and when I enter it pauses for a good 2 or 3 minutes and comes back with:
pg_dump: [archiver (db)] connection to database "paycloud_dev" failed: could not connect to server: Connection refused
Is the server running on host "170.30.43.35" and accepting
TCP/IP connections on port 5432?
I've tried editing the AWS security group to add a rule that accepts all traffic (port range 0-65535) but the same error is occurring.
Edit 2
Tried the following as per post by pokoli
ssh ubuntu#ec2-59-16-143-85.eu-west-1.compute.amazonaws.com pg_dump -C -h -U dev_user paycloud_dev | psql -U dev_user paycloud_dev
It's not working though. It first asks me for the psql password for my laptop then before I can input anything, it gives an error.
[sudo] password for alzer: pg_dump: too many command-line arguments (first is "paycloud_dev")
Try "pg_dump --help" for more information.
Anyone?
You have to connect with ssh to remote host, execute the dump and pipe it to your local machine. The following command should do:
ssh ubuntu#ec2-59-16-143-85.eu-west-1.compute.amazonaws.com -C pg_dump -U dev_user paycloud_dev | psql -U dev_user paycloud_dev
The command will ask for password of both users if needed and the playcloud_dev database should exists on localhost, otherwise the dump will fail.
Try do this over ssh tunnel.
ssh -fT -L 5432:127.0.0.1:5432 %remote_user_login%#%your_aws_host% sleep 10
pg_dump -C -h localhost -U dev_user paycloud_dev | psql -h localhost -U dev_user paycloud_dev
First line create ssh tunnel and port mapping.
And view your AWS security settings in "Security Groups", may be you forgot opening ports.

Postgresql (pgsql) client expecting sockets in different location from postgrsql-server

While trying to connect to postgres running locally on my workstation, I get:
$ sudo -u postgres psql -c "create role ..."
could not change directory to "/home/esauer/workspace/cfme"
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
My postgres-server install creates sockets in /var/run/postgresql.
How do I get the client to look in the proper location?
Check the --host option with psql --help.
Then you can make it permanent by setting it in your .psqlrc user file.
In your case try:
psql -h /var/run/postgresql -d your_database

Using psql to connect to PostgreSQL in SSL mode

I am trying to configure ssl certificate for PostgreSQL server. I have created a certificate file (server.crt) and key (server.key) in data directory and update the parameter SSL to "on" to enable secure connection.
I just want only the server to be authenticated with server certificates on the client side and don't require the authenticity of client at server side. I am using psql as a client to connect and execute the commands.
I am using PostgreSQL 8.4 and Linux. I tried with the below command to connect to server with SSL enabled
psql "postgresql://localhost:2345/postgres?sslmode=require"
but I am getting
psql: invalid connection option "postgresql://localhost:2345/postgres?sslmode"
What am doing wrong here? Is the way I am trying to connect to server with SSL mode enabled is correct? Is it fine to authenticate only server and not the client ?
psql below 9.2 does not accept this URL-like syntax for options.
The use of SSL can be driven by the sslmode=value option on the command line or the PGSSLMODE environment variable, but the default being prefer, SSL connections will be tried first automatically without specifying anything.
Example with a conninfo string (updated for psql 8.4)
psql "sslmode=require host=localhost dbname=test"
Read the manual page for more options.
psql --set=sslmode=require -h localhost -p 2345 -U thirunas \
-d postgres -f test_schema.ddl
Another Example for securely connecting to Azure's managed Postgres database:
psql --file=product_data.sql --host=hostname.postgres.database.azure.com --port=5432 \
--username=postgres#postgres-esprit --dbname=product_data \
--set=sslmode=verify-full --set=sslrootcert=/opt/ssl/BaltimoreCyberTrustRoot.crt.pem
Well, you could provide all the information with the following command in CLI, if a connection requires in SSL mode:
psql "sslmode=verify-ca sslrootcert=server-ca.pem sslcert=client-cert.pem sslkey=client-key.pem hostaddr=your_host port=5432 user=your_user dbname=your_db"
Found the following options useful to provide all the files for a self signed postgres instance
psql "host={hostname} sslmode=prefer sslrootcert={ca-cert.pem} sslcert={client-cert.pem} sslkey={client-key.pem} port={port} user={user} dbname={db}"
On psql client v12, I could not find option in psql client to activate sslmode=verify-full.
I ended up using environment variables :
PGSSLMODE=verify-full PGSSLROOTCERT=server-ca.pem psql -h your_host -U your_user -W -d your_db
psql "sslmode=require host=localhost port=2345 dbname=postgres" --username=some_user
According to the postgres psql documentation, only the connection parameters should go in the conninfo string(that's why in our example, --username is not inside that string)
psql -h <host> -p <port> -U <user> -d <db>
and update /var/lib/pgsql/10/data/pg_hba.conf to change the auth method to cert. Check the following link for more information:
https://www.postgresql.org/docs/9.1/auth-pg-hba-conf.html
Another pattern that worked with v8 is
psql -h host_name -p port -U user_name "dbname=db sslmode=require"