Postgresql 中文操作指南
19.1. The PostgreSQL User Account #
对于可供外界访问的任何服务器守护进程,建议在独立用户帐户下运行 PostgreSQL。此用户帐户应仅拥有服务器管理的数据,且不应与其他守护进程共享。(例如,使用用户 nobody 不妥。)特别是,建议此用户帐户不拥有 PostgreSQL 可执行文件,以确保受损服务器进程无法修改这些可执行文件。
As with any server daemon that is accessible to the outside world, it is advisable to run PostgreSQL under a separate user account. This user account should only own the data that is managed by the server, and should not be shared with other daemons. (For example, using the user nobody is a bad idea.) In particular, it is advisable that this user account not own the PostgreSQL executable files, to ensure that a compromised server process could not modify those executables.
预封装版本的 PostgreSQL 通常会在安装软件包期间自动创建一个合适的用户帐户。
Pre-packaged versions of PostgreSQL will typically create a suitable user account automatically during package installation.
若要向系统中添加 Unix 用户帐户,请查找以下命令 useradd 或 adduser。通常使用 postgres 用户名,并且在本书中假设使用该名称,但是如果愿意,可以使用其他名称。
To add a Unix user account to your system, look for a command useradd or adduser. The user name postgres is often used, and is assumed throughout this book, but you can use another name if you like.