Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"

On Mon, Oct 31, 2022 at 10:03 PM Bryn Llewellyn <bryn(at)yugabyte(dot)com> wrote:

> It would seem proper to put any user who you want to set up for "local",
> "peer" authentication into the "postgres" group
>

Did you really mean to write that?

The postgres o/s user should be able to login using peer. It is a one-way
idea though. Wanting to login using peer says nothing about whether the
user getting that capability should be allowed to mess with the running
server in the operating system.

As for the rest, all I see is that you are using an opinionated package
manager to install software whose opinions you don't agree with. Maybe
there is some buggy behavior with respect to shared o/s db
administration among users in a common group...you haven't demonstrated
that one way or the other here. I think it is pointless to have the o/s
admin and postgres bootstrap user be anything but postgres and this whole
thing is counter-productive. But if you are going down to first
principles maybe you should install from source and build your own
"package" from that.

David J.