I am trying to do a local installation of a large but simple installation PostgreSQL 9.3.2 to hold about 14 GB of data, currently in a CSV file. This is my first attempt to install any database other than SQLite. The installer is asking me questions that I do not know how to answer and that seem inappropriate for an installation that I do not want to make available to the internet. I expect to be interacting with it through the R package RPostgreSQL. The database will contain primarily US Census data that is publicly available for free, and so not a tempting target. For instance, the installer asks me what port to use, and seems to require that I set a password. I prefer to set it up with no internet or remote accessibility at all, even from me.
Could someone tell me or point me toward documentation for producing a strictly local installation with minimal irrelevant hoops to jump through, both on installation and on use? I did a series of searches on variant of PostgreSQL & “install locally” or “local installation” or “create local database”, etc. but these were unproductive.
This will be on an ancient but lightly rebuilt Compaq laptop, Intel Core 2 Duo, Windows XP OS with SP3.
Any help folks could offer much appreciated.
If you're looking for an install that doesn't run a server and listen on TCP/IP, it isn't really possible, because PostgreSQL is a client/server database that (on Windows) communicates with clients solely over TCP/IP.
A "local only" install is one where the TCP/IP socket listens only on localhost, i.e. 127.0.0.1.
If you were really keen, you could not install the Windows service for the server at all, and just grab the binaries. To use PostgreSQL you would then have to initdb a new database directory, and start PostgreSQL when you wanted it with pg_ctl. See the user manual for details on these commands. When running, PostgreSQL would still be a server listening on a TCP/IP port, there's just no way around that on Windows.
On UNIX systems PostgreSQL can listen on a unix socket (a bit like a windows named pipe). This is not supported by PostgreSQL on Windows. Even then, it still has to run a server.
If you're looking for something like an embedded, on-demand, or in-memory PostgreSQL that runs out of the client library, there is no such thing.
Related
Two days ago, i started learning postgresql. Most tutorials I followed online were either old or the codes wont just work on my mac. I followed a lot of tutorials that did a lot of totally different things.
When i switched on my system today. I noticed Postgresql created a user on my mac. I don't know what this is or maybe i used the wrong CLI code.
When I tried viewing the user, I saw this
should I delete this user or it has a function?
postgres user account
Creating a user account specifically for Postgres, commonly named postgres, is a normal part of a Postgres installation. Your installer app likely prompted you for a password to assign to this new user account.
One reason for this is security: The database’s data files and security configuration files are stored in folders owned by the postgres user. So if your main user account is hijacked, the intruder does not yet have access to the database (often the most valuable thing in storage). The intruder must jump through more hoops to compromise Postgres. Also, the separate ownership prevents other apps from inadvertently stomping on the Postgres files.
You will find Postgres is much more enterprise-oriented than other products such as MySQL. This means locking-down for security. Another example: Postgres by default is configured to not accept connections over the network. To enable connections from other computers, you must change the configuration. Inconvenient for the beginner, but more secure. Like a bar on your car steering wheel and deadbolts on your doors, more security always means more steps to take and more annoyance.
Use a virtual machine
Installing the postgres user account is one of the things that makes Postgres a rather heavyweight installation. I suggest to those learning Postgres to use a virtual machine for Postgres. Something like:
Parallels or Fusion or VirtualBox on your own computer
Cloud server such as FreeBSD on DigitalOcean.com.
To remove Postgres, simply discard the vm.
Postgres.app for macOS
Another option for a Mac user is Postgres.app, created by the person who built one of the first Postgres-as-a-Service implementations (on Heroku). I have not used Postgres.app, but I understand it wraps Postgres, so it does not install the postgres user account. Also, Postgres starts and stops when launch and quit the app, rather than running in the background all the time.
Be aware: you may have conflicts with Postgres.app on a Mac where you already have a conventional installation. I suggest you first carefully remove the conventional Postgres from your Mac before installing Postgres.app. Uninstalling involves finding and deleting various files and folders in various places.
Database-as-a-Service (DBaaS)
Another option to avoid local installation is the increasing choices for running Postgres as a service. This is sometimes referred to as “managed Postgres” because the vendor maintains the installation of Postgres on your behalf. You simply use Postgres to create your database, but you do not fully control Postgres in such a service.
Some examples:
Heroku
Digital Ocean
Azure
Amazon Web Services (AWS)
ElephantSQL
My experience
Personally, I often install Postgres on a Mac using the installer by EnterpriseDB.com. That company sells added-value versions of Postgres, but kindly provides an installer for plain-vanilla Postgres, as a service to the community.
I have also used that same installer from EnterpriseDB.com to install onto a Parallels VM running macOS as the guest OS within the VM on a MacBook Pro running macOS as the host OS. You can easily configure the VM to share the host Mac’s IP address on the network, or you can give the VM its own network address which might be handy for demo/dev/test work.
Thirdly, I have installed Postgres on FreeBSD on DigitalOcean.com.
All three of these options have worked quite well for me. Which is preferable depends on the scenario. For example, the DigitalOcean.com approach is good if I want colleagues to be able to reach the database 24x7 without my own MacBook being available.
This discussion is for development work. For mission-critical deployment, I strongly recommend using heavy-duty server equipment with error-correcting memory and redundant storage such as RAID or ZFS pool. Postgres is extremely reliable but depends, of course, on reliable hardware.
Your tag says Postgres 9.1. That version is quite old now. I suggest using the latest version. By the way, the version numbering system has changed for postgres. The first number is now the roughly-annual release number likely requiring you to dump and reload data to upgrade, and the second number is compatible updates.
As pointed out by #basil-bourque, the account is required for several reasons.
That said, if it annoys you to have the PostgreSQL showing up in the login screen -as it did me-, you can remove it as long as you have admin user rights in MacOS.
Apple Support gives the following command to hide a user from the login screen:
$ sudo dscl . create /Users/hiddenuser IsHidden 1
However, since the PostgreSQL user was not included listed in the login window at installation, that command will yield no result -at least in Catalina, which is my OS.
You should use the following two commands instead, as suggested by josemarluedke:
## add postgres to the list of hidden users on login screen
$ sudo defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array-add 'postgres'
## instruct not to show any hidden accounts at login
$ sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWOTHERUSERS_MANAGED -bool FALSE
Worked for me!
I'm setting up a server, with postgresql running as a service. I can use nmap to get current postgresql version
nmap -p 5432 -sV [IP]
It returns:
PORT STATE SERVICE VERSION
5432/tcp open postgresql PostgreSQL DB 9.3.1
Is there a way to hide the postgresql version from nmap scanning? I've searched but it's all about hiding the OS detection.
Thank you.
There's only one answer here: Firewall it.
If you have your Postgres port open, you will be probed. If you can be probed, your service can be disrupted. Most databases are not intended to be open like this to public, they're not hardened against denial-of-service attacks.
Maintain a very narrow white-list of IPs that are allowed to connect to it, and whenever possible use a VPN or an SSH tunnel to connect to Postgres instead of doing it directly. This has the additional advantage of encrypting all your traffic that would otherwise be plain-text.
You have a few options, but first understand how Nmap does it: PostgreSQL database server responds to a malformed handshake with an error message containing the line number in the source code where the error occurred. Nmap has a list of possible PostgreSQL versions and the line number where the error happens in that particular version. The source file in question changes frequently enough that Nmap can usually tell the exact version in use, or at least a range of 2 or 3 version numbers.
So what options do you have?
Do nothing. Why does it matter if someone can tell what version of PostgreSQL you are running? Keep it up to date and implement proper security controls elsewhere and you have nothing to worry about.
Restrict access. Use a firewall to limit access to the database system to only trusted hosts. Configure PostgreSQL to listen only on localhost if network communication is not required. Isolate the system so that unauthorized users can't even talk to it.
Patch the source and rebuild. Change PostgreSQL so that it does not return the source line where the error happened. Or just add a few hundred blank lines to the top of postmaster.c so Nmap's standard fingerprints can't match. But realize you'll have to do this every time there's a new version or security patch.
There is currently no way to enable SSL connections with a PostgreSQL connection on tableau's 8.2 version for Mac OSX. It used to be that you could create a generic ODBC and turn SSL as described here:
http://kb.tableausoftware.com/articles/howto/connect-to-postgresql-using-ssl-on-non-standard-port
Now there is no ODBC connections and PostgreSQL only has the following options:
Has anyone solved for this problem with the Mac Tableau version with Heroku Postgres?
This may not be a great long term answer, and doesn't answer your exact question, but might be a viable workaround if you haven't considered it:
You can use the Tableau data extract API to connect via SSL, read the info you need and create a Tableau extract. Then you can connect to the extract via a mac, and rerun your program on a schedule to refresh the extract periodically. You may even see a nice performance improvement, at the expense of not reading live up to the minute updates.
Then you can replace the extract connection with a live one, once Tableau improves their PostgreSQL driver to support SSL from macs.
Good day,
Currently I use MS Access at home for several Databases (for personal use).
At work, I use PostgreSQL, which is infinity times better. I want to start using postgres for my personally used databases, but I don't know where to start.
I've tried reading the documentation, but still don't know how to start. I don't have a server at home; is it possible I can just make a local database/tablespace? Or would I have to host a virtual server?
Note that I am willing to use other open source databases if there is an easy option out there - MS access is just so... terrible.
Thanks,
So, it seems you have Windows at home. You just need to download full installer for PostgreSQL:
http://www.postgresql.org/download/windows/
After installation it will automatically add starting postgres server as a service on local machine. That means, server will always run in background, but you can disable that later, or just uninstall.
After that, you can use pgAdmin (included in default installation package) or other client tools to access the DB engine.
UPD in pgadmin, create connection with this settings:
'localhost' as hostname;
port - 5432;
user, database - postgres (for testing purpose only - you should create your own user and tables with restricted rights later).
Password for postgres (that is DB admin user) must be entered during installation process.
Server settings are stored somewhere here:
"C:\Program Files\PostgreSQL\9.3\data"
pg_hba.conf - Client Authentication Configuration File
postgresql.conf - Configuration File
Please, any help will be appreciated, i have an OpenERP installed with all its components (Postgres, Web server, Server) in a VPS..
And I would like to use this PostgreSQL from my local machine trough pgAdmin3. I am still not able to do so.
I read some answers about this issue, by modifing Configuration Files in Postgresql and some others telling me to use SSH Tunilling trough Putty, but when i go to connect trough PGADMIN3 i can't have a successfuull connection
So , Please if any one could Give me in details What i have to do, to make this happen successfully,
First you need to ask yourself a bunch of questions. The answer to this isn't really that simple which is why it hasn't been answered. These involve risk management questions that happen when you set up your db for access across the internet. You really want to start by reading the administration and authentication sections of the PostgreSQL docs. You may want to do an SSH tunnel or just require SSL.
Personally I would configure PostgreSQL to require SSL if you are going to do that. Set up an entry of type hostssl in the pg_hba.conf for the host that will be connecting to it. Set up firewall rules to allow connections from that host. Ideally set up a client cert but not quite sure how to make OpenERP use that.
Then configure OpenERP. I don't know which version you are running but these docs may get you started.