My main concern is having passwords in the script (Postgres function), I am looking for a solution that how can avoid using passwords in Postgres functions.
I have a problem with using dblink_connect() in my function.
When I provide the password in the connection string, there is no problem, but when I don’t, it says:
ERROR: could not establish connection
DETAIL: fe_sendauth: no password supplied
However the .pgpass file in the path /var/lib/postgres/.pgpass does contain the proper password.
I have tried to connect to another database in the same server using dblink with psql from bash with the following command:
psql –h localhost –U myuser –w remote_db_name
It works fine.
My .pgpass file does have the line:
Localhost:5432:*:myuser:mypassword
It seems the psql finds the proper password in the .pgpass file but dblink doesn’t.
Related
I have tried
Setting the permission of .pgpass to 0600
Confirmed .pgpass is in my user's home directory (/home/brandon/.pgpass)
use -w in pg_dumpall command
Confirmed the data in .pgpass is correct
The script (https://wiki.postgresql.org/wiki/Automated_Backup_on_Linux) for automated backup works if I type the password again and again which is why i added -w to all the commands. It for some reason does not read the .pgpass file .
There are multiple error messages but they are generally this.
pg_dumpall: could not connect to database "template1": FATAL: password authentication failed for user "postgres"
FATAL: password authentication failed for user "postgres"
pg_pass file :
localhost:5432:my_db:postgres:password
command line :
username#droplet:~/ProjectDir$ bash cronjob/db_backup/pg_backup.sh
Making backup directory in /home/backups/database/postgresql/2017-12-06/
Performing globals backup
--------------------------------------------
Globals backup
cronjob/db_backup/pg_backup.sh: line 80: /home/backups/database/postgresql/2017-12-06/globals.sql.gz.in_progress: Permission denied
pg_dumpall: could not connect to database "template1": fe_sendauth: no password supplied
[!!ERROR!!] Failed to produce globals backup
Performing schema-only backups
--------------------------------------------
psql: fe_sendauth: no password supplied
The following databases were matched for schema-only backup:
Performing full backups
--------------------------------------------
psql: fe_sendauth: no password supplied
All database backups complete!
You should supply the actual calls to pg_dump and pg_dumpall for a more detailed answer.
However, from your output I see that pg_dumpall (?) tries to connect to database template1, but in your .pgpass file the only database is my_db.
You'll have to add entries to .pgpass for all databases to which you are trying to connect.
localhost:5432:mydb1:postgres:password
localhost:5432:mydb2:postgres:password
localhost:5432:mydb3:postgres:password
Alternatively, you are also able to put an * as a placeholder for different database names.
localhost:5432:*:postgres:password
Make sure that all the fields in .pgpass are the right/matching ones. If any of them (host, port, etc.) don't match, the unclear, uninformative and arguably wrong fe_sendauth: no password supplied error message will be the same.
I need to run multiple commands on an AWS Postgres RDS instance I have. I don't want to enter the password each time. I'm trying to use the .pgpass file but I'm running into errors. The first time I ran into an error which said 'role "ubuntu username" does not exist'. I logged in as the postgres user and created that username. After this, the error I get said database does not exist. I have a feeling these errors have nothing to do with trying to connect to the AWS RDS instance.
psql --host=<awshost> --port=5432 --username=<awsrdsusername> --password --dbname=<dbname asks for a password and then logs me in after I enter it. Now I put a file in /home/<ubuntuusername> called .pgpass which has <awshost>:5432:<dbname>:<awsrdsusername>:<password>. Permissions for this file are set to 0600. Now when I run psql from the terminal and that produces the error - psql: FATAL: role "<ubuntuusername>" does not exist. These steps are as outlined on this page.
Can someone help me with the steps to get a pgpass file to connect to an AWS RDS instance?
.pgpass doesn't provide connection information. You seem to expect that after you create a .pgpass file, you can run psql without arguments and it'll know where to connect. That is not the case.
The hostname, port, etc you put in .pgpass are there so that PostgreSQL knows which line to look at when matching the connection info to find its password.
If you had to run:
psql -h something
to connect without a .pgpass file, you still have to run the same thing to connect with a .pgpass file.
If you run psql without arguments it'll connect to the local PostgreSQL (if any), using the current unix username as the postgresql username and the database to connect to. That's why you get the error you do.
If you want to change the default connection, you can use environment variables like PGHOST, PGPORT, etc, and/or a .pgservice.conf file.
See the manual to learn more.
I want to backup my postgresql database with a automatic backup program and that program only support a script line that backup with pg_dump.
I can't provide password in this script so I changed method from pg_hba.conf file from md5 to trust so that it won't ask for password and I used --no-password option.
How can I change this to md5 and provide password for it.
I would use a .pgpass file or use the peer authentication method. Details here:
Run batch file with psql command without password
I have a fabric script that dumps database on server. And I can use it on multiple servers with the PostgreSQL database. The command is simple:
sudo("su postgres -c \"PGPASSWORD=%s pg_dump %s > /tmp/telemedia_newdb\""
% (HOST_SOURCE_DB_UPASS,HOST_SOURCE_DB))
But sometimes, Postgres does not ask for a password at all ...
Will this command fail without a password prompting from Postgres? (Or I know that it will not prompt and HOST_SOURCE_DB_UPASS=''). I want THIS code to work with or without password.
It all depends on how you set up access to your database in pg_hba.conf. There is a separate config file per database cluster (effectively per port) and settings can be different from database to database.
So, yes, if you have set it up that way, then the system user postgres will have password-less access to some databases but is prompted to enter a password for others. The default is that the system user postgres has password-less access to every database as database user of the same name (postgres).
If you provide a password in the command with the environment variable PGPASSWORD, but no password is needed, it will be ignored silently.
However, I quote the manual here:
PGPASSWORD (...) Use of this environment variable is not recommended for security reasons.
You can use a password file to provide passwords automatically (.pgpass on Unix systems). pg_dump will use it.
Finally, consider the command line options:
--no-password
--password
to force pg_dump to either prompt or not prompt for a password. If a password is required but disabled by --no-password, pg_dump will fail.
I would enable password-less access for the system user postgres to every database in the config file pg_hba.conf. Use peer or ident authentication methods. Then you don't have to provide a password and the script will always work:
local all postgres ident
Your script would be simplified to (untested):
sudo("su postgres -c \"pg_dump %s > /tmp/telemedia_newdb\"" % (HOST_SOURCE_DB))
Well I installed the latest postgreql database on my Windows 7.
Now I'm trying to create a database via the psql.exe command line
When I open it, it says
psql: FATAL: database "Jansu" does not exist
So I read somewhere, that when no database is specified, it tried to find database with my username or something.
Anyways..how do i create a new database, when I can't access the commandline.
Read psql syntax. You can specify database, user and other parameters. If it's a new installation, there should be a default database 'postgres', you can connect to that one.
psql -U postgres postgres
(In Unix environments you might need to add -h localhost in order to force a TCP connection, otherwise it'd try to use Unix-domain sockets, which might not work for other than the postgres user. )
You can create databases from there, or from the command line with createdb