Re: sudo/access to the postres OS user

sudo -u postgres /bin/bash
[sudo] password for test:

Sorry, user test is not allowed to execute '/bin/bash' as postgres

So it looks like this is not allowed

Austen

From: Athanasios Kostopoulos [mailto:athanasios(dot)kostopoulos(at)classmarkets(dot)com]
Sent: 15 August 2013 15:04
To: Birchall, Austen
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: [NOVICE] sudo/access to the postres OS user

Doesn't sudo -u postgres /bin/bash suffice? Or is not allowed by the sys admin?

On Thu, Aug 15, 2013 at 11:51 AM, Birchall, Austen <austen(dot)birchall(at)metoffice(dot)gov(dot)uk<mailto:austen(dot)birchall(at)metoffice(dot)gov(dot)uk>> wrote:
9.2 on Red Hat 6

Our OS Sys Admin have decided to withdraw my (DBA) access to the OS postgres account - so instead of
ssh/logging in to a DB host I I have to login in as 'myself' and then gain access to psql etc. via sudo
such as by doing
PSQL access as the postgres user
sudo -u postgres /usr/bin/psql <command line options>
which I have been granted permissions to do.

I have the following questions regarding this:

1. Is this standard/best practise?

2. In simple terms what is justification for dong this - looking at it from a DBA point of view?

3. As myself I current have no permissions on the ..../psql/data directory and its sub-directories including the log files, which IMHO I need in order to be able to function as a DBA - is there a preferred way in which I can be granted/gain this access other than by granting rights on files at an individual level?

Happy to (try to) explain further if none of this makes much sense.

Thanks in advance as always

Austen

Austen Birchall Senior Database Administrator
Met Office

--
Sent via pgsql-novice mailing list (pgsql-novice(at)postgresql(dot)org<mailto:pgsql-novice(at)postgresql(dot)org>)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-novice

classmarkets GmbH | Schumannstraße 6 | 10117 Berlin | Deutschland
Tel: +49 (0)30 56 59 001-0 | Fax: +49 (0)30 56 59 001-99 | www.classmarkets.com<http://www.classmarkets.com>

Amtsgericht Charlottenburg HRB 111815 B | USt.Id.Nr<http://USt.Id.Nr>: DE 260731582
Geschäftsführer: Veit Mürz, Fabian Ströhle

Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen, kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig oder teilweise, ist unzulässig. Bitte beachten Sie, dass E-Mail-Nachrichten an den Absender nicht für fristgebundene Mitteilungen geeignet sind. Fristgebundene Mitteilungen sind daher ausschließlich per Post oder per Telefax zu übersenden.