I am trying to set-up automatic backup for postgres db on a local headless server on Debian. I have a script:
#!/bin/bash
export PGPASSFILE='/home/mtn/.pgpass'
pg_dumpall -U db_user --verbose 2>/var/log/postgresql/pgdump.log | gzip > /mnt/bulk-data/db_backup/db_bak.gz
Have a .pgpass
file:
-rw------- 1 mtn mtn 47 Nov 13 10:14 .pgpass
with:
*:*:*:postgres:guest
*:*:*:db_user:guest
And a sudo crontab -e
job:
20 0 * * * /home/mtn/backup.sh >/dev/null 2>&1
pg_hba
:
local all postgres peer
When i try to run it i get:
pg_dumpall: error: could not connect to database "template1": FATAL: Peer authentication failed for user "db_user"
Where's the mistake?
PS Everything works if i change the script to run as root sudo -u postgres pg_dumpall
.
UPDATE:
What worked for me in the end is adding this line to pg_ident.conf
:
omicron root postgres
Then to pg_hba.conf
before everything else:
local all all ident map=omicron
And changing script to run pg_dumpall
as user postgres
(only because db_user
didn't have all necessary privilegies to dumpall
).
Best Answer
peer
authentication means postgresql accepts connections over unix socket from specified unix system user without password as specified database user, so trying to use PGPASS is pointless. More aboutpeer
access here: https://www.postgresql.org/docs/current/auth-peer.html In your case, yourpg_hba.conf
allows only system userpostgres
to connect all databases as database userpostgres
. I can't see yourdb_user
in yourpg_hba.conf
, so it can't connect.sudo -u postgres pg_dumpall
means you switch to system userpostgres
and runpg_dumpall
as that user connecting as database userpostgres
. That's why it works.