The server must be started under an unprivileged user ID to prevent
mysql8
PostgreSQL
[root@test local]# postgres -D /usr/local/pgsql/data
"root" execution of the PostgreSQL server is not permitted.
The server must be started under an unprivileged user ID to prevent
possible system security compromise. See the documentation for
more information on how to properly start the server.
[root@test local]#
https://www.postgresql.org/docs/10/static/postgres-user.html
18.1. The PostgreSQL User Account
As with any server daemon that is accessible to the outside world, it is advisable to run PostgreSQL under a separate user account. This user account should only own the data that is managed by the server, and should not be shared with other daemons. (For example, using the user nobody
is a bad idea.) It is not advisable to install executables owned by this user because compromised systems could then modify their own binaries.
To add a Unix user account to your system, look for a command useradd
or adduser
. The user name postgres is often used, and is assumed throughout this book, but you can use another name if you like.