public inbox for [email protected]help / color / mirror / Atom feed
postgres user password reset problem 3+ messages / 2 participants [nested] [flat]
* postgres user password reset problem @ 2020-06-12 04:19 Mike Dewhirst <[email protected]> 2020-06-12 04:50 ` Re: postgres user password reset problem Tom Lane <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Mike Dewhirst @ 2020-06-12 04:19 UTC (permalink / raw) To: [email protected] I know this is a common problem because the web is full of advice. Sadly none of it has worked for me. I re-installed PostgreSQL 10 on Ubuntu 18.04 after removing it with --purge and now I can't get back into it. I have assigned a Linux password to the postgres user and I can sudo or su but psql is demanding its own password for its postgres user. The log says ... 2020-06-12 14:03:00.019 AEST [22214] postgres@postgres FATAL: password authentication failed for user "postgres" 2020-06-12 14:03:00.019 AEST [22214] postgres@postgres DETAIL: User "postgres" has no password assigned. Connection matched pg_hba.conf line 92: "host all all 127.0.0.1/32 md5" No password assigned. Which I knew. So I removed that "host all" line from pg_hba leaving only the "local all" lines and failed again ... the log now says ... 2020-06-12 14:09:12.846 AEST [22462] LOG: database system is ready to accept connections 2020-06-12 14:09:13.440 AEST [22470] [unknown]@[unknown] LOG: incomplete startup packet 2020-06-12 14:09:59.424 AEST [22498] postgres@postgres FATAL: no pg_hba.conf entry for host "127.0.0.1", user "postgres", database "postgres", SSL on 2020-06-12 14:09:59.427 AEST [22499] postgres@postgres FATAL: no pg_hba.conf entry for host "127.0.0.1", user "postgres", database "postgres", SSL off I am fairly lost here. My objective is to get the postgres user re-established, get my own user re-established, re-load the dump files and get back into production. Any advice appreciated Thanks Mike ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: postgres user password reset problem 2020-06-12 04:19 postgres user password reset problem Mike Dewhirst <[email protected]> @ 2020-06-12 04:50 ` Tom Lane <[email protected]> 2020-06-12 06:42 ` Re: postgres user password reset problem Mike Dewhirst <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Tom Lane @ 2020-06-12 04:50 UTC (permalink / raw) To: Mike Dewhirst <[email protected]>; +Cc: [email protected] Mike Dewhirst <[email protected]> writes: > I have assigned a Linux password to the postgres user and I can sudo or > su but psql is demanding its own password for its postgres user. The log > says ... > 2020-06-12 14:03:00.019 AEST [22214] postgres@postgres FATAL: password > authentication failed for user "postgres" 2020-06-12 14:03:00.019 AEST > [22214] postgres@postgres DETAIL: User "postgres" has no password > assigned. Connection matched pg_hba.conf line 92: "host all all > 127.0.0.1/32 md5" > No password assigned. Which I knew. So I removed that "host all" line > from pg_hba leaving only the "local all" lines and failed again ... Yeah. So, if the user doesn't have any password assigned in pg_authid, you cannot use a password-based auth method. And you can't just not have any auth method, which is why removing the pg_hba.conf line altogether does not work. You have to specify some other auth method than "md5". If this is a single-user machine, you could just skip all the BS and set the auth method to "trust", figuring that nobody but you can reach the localhost port anyway. A safer choice is "peer", but (at least on most platforms) that only works with unix-socket connections not TCP --- that is, you'd need to put it on a "local" pg_hba entry not a "host" entry. And those entries are not applicable in your usage, it seems. I wonder why your psql is trying a localhost TCP connection in the first place, though. Are you writing "psql -h localhost", and if so why? In short, my recommendation would be to put a "local all all peer" line in pg_hba, drop "-h localhost" if you're using that, and be sure to run psql as the Linux postgres user so that "peer" will let you in. If that doesn't work, "local all all trust" is a less secure fallback, and "host all all 127.0.0.1/32 trust" is another route if you really don't want to use unix-socket for some reason. regards, tom lane ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: postgres user password reset problem 2020-06-12 04:19 postgres user password reset problem Mike Dewhirst <[email protected]> 2020-06-12 04:50 ` Re: postgres user password reset problem Tom Lane <[email protected]> @ 2020-06-12 06:42 ` Mike Dewhirst <[email protected]> 0 siblings, 0 replies; 3+ messages in thread From: Mike Dewhirst @ 2020-06-12 06:42 UTC (permalink / raw) To: Tom Lane <[email protected]>; +Cc: [email protected] On 12/06/2020 2:50 pm, Tom Lane wrote: > Mike Dewhirst <[email protected]> writes: >> I have assigned a Linux password to the postgres user and I can sudo or >> su but psql is demanding its own password for its postgres user. The log >> says ... >> 2020-06-12 14:03:00.019 AEST [22214] postgres@postgres FATAL: password >> authentication failed for user "postgres" 2020-06-12 14:03:00.019 AEST >> [22214] postgres@postgres DETAIL: User "postgres" has no password >> assigned. Connection matched pg_hba.conf line 92: "host all all >> 127.0.0.1/32 md5" >> No password assigned. Which I knew. So I removed that "host all" line >> from pg_hba leaving only the "local all" lines and failed again ... > Yeah. So, if the user doesn't have any password assigned in pg_authid, > you cannot use a password-based auth method. And you can't just not > have any auth method, which is why removing the pg_hba.conf line > altogether does not work. You have to specify some other auth method > than "md5". > > If this is a single-user machine, you could just skip all the BS and set > the auth method to "trust", figuring that nobody but you can reach the > localhost port anyway. > > A safer choice is "peer", but (at least on most platforms) that only > works with unix-socket connections not TCP --- that is, you'd need > to put it on a "local" pg_hba entry not a "host" entry. And those > entries are not applicable in your usage, it seems. I wonder why your > psql is trying a localhost TCP connection in the first place, though. > Are you writing "psql -h localhost", and if so why? > > In short, my recommendation would be to put a "local all all peer" > line in pg_hba, drop "-h localhost" if you're using that, and be > sure to run psql as the Linux postgres user so that "peer" will > let you in. If that doesn't work, "local all all trust" is a > less secure fallback, and "host all all 127.0.0.1/32 trust" is > another route if you really don't want to use unix-socket for > some reason. Using trust worked. All is now working and restored from dumps. Two of the databases are in production and the other four are for staging sites. Fortunately low traffic. Many thanks for your support Cheers Mike > > regards, tom lane ^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2020-06-12 06:42 UTC | newest] Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2020-06-12 04:19 postgres user password reset problem Mike Dewhirst <[email protected]> 2020-06-12 04:50 ` Tom Lane <[email protected]> 2020-06-12 06:42 ` Mike Dewhirst <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox