Connecting to a database$ psql postgres # the default database$ psql data

1. Connecting to a database
2.  
3. $ psql postgres # the default database
4. $ psql database_name
5.  
6. Connecting as a specific user
7.  
8. $ psql postgres john
9. $ psql -U john postgres
10. Connecting to a host/port (by default psql uses a unix socket)
11.  
12. $ psql -h localhost -p 5432 postgres
13. You can also explicitly specify if you want to enter a password -W or not -w
14.  
15. $ psql -w postgres
16. $ psql -W postgres
17. Password:
18. Once you’re inside psql you can control the database. Here’s a couple of handy commands
19.  
20. postgres=# \h # help on SQL commands
21. postgres=# \? # help on psql commands, such as \? and \h
22. postgres=# \l # list databases
23. postgres=# \c database_name # connect to a database
24. postgres=# \d # list of tables
25. postgres=# \d table_name # schema of a given table
26. postgres=# \du # list roles
27. postgres=# \e # edit in $EDITOR
28. At this point you can just type SQL statements and they’ll be executed on the database you’re currently connected to.
29.  
30. User Management
31. Once your application goes into production, or basically anywhere outside of your dev machine, you’re going to want to create some users and restrict access.
32.  
33. We have two options for creating users, either from the shell via createuser or via SQL CREATE ROLE
34.  
35. $ createuser john
36. postgres=# CREATE ROLE john;
37. One thing to note here is that by default users created with CREATE ROLE can’t log in. To allow login you need to provide the LOGIN attribute
38.  
39. postgres=# CREATE ROLE john LOGIN;
40. postgres=# CREATE ROLE john WITH LOGIN; # the same as above
41. postgres=# CREATE USER john; # alternative to CREATE ROLE which adds the LOGIN attribute
42. You can also add the LOGIN attribute with ALTER ROLE
43.  
44. postgres=# ALTER ROLE john LOGIN;
45. postgres=# ALTER ROLE john NOLOGIN; # remove login
46. You can also specify multiple attributes when using CREATE ROLE or ALTER ROLE, but bare in mind that ALTER ROLE doesn’t change the permissions the role already has which you don’t specify.
47.  
48. postgres=# CREATE ROLE deploy SUPERUSER LOGIN;
49. CREATE ROLE
50. postgres=# ALTER ROLE deploy NOSUPERUSER CREATEDB; # the LOGIN privilege is not touched here
51. ALTER ROLE
52. postgres=# \du deploy
53. List of roles
54. Role name | Attributes | Member of
55. -----------+------------+-----------
56. deploy | Create DB | {}
57. There’s an alternative to CREATE ROLE john WITH LOGIN, and that’s CREATE USER which automatically creates the LOGIN permission. It is important to understand that users and roles are the same thing. In fact there’s no such thing as a user in PostgreSQL, only a role with LOGIN permission
58.  
59. postgres=# CREATE USER john;
60. CREATE ROLE
61. postgres=# CREATE ROLE kate;
62. CREATE ROLE
63. postgres=# \du
64. List of roles
65. Role name | Attributes | Member of
66. -----------+------------------------------------------------+-----------
67. darth | Superuser, Create role, Create DB, Replication | {}
68. john | | {}
69. kate | Cannot login | {}
70. You can also create groups via CREATE GROUP (which is now aliased to CREATE ROLE), and then grant or revoke access to other roles.
71.  
72. postgres=# CREATE GROUP admin LOGIN;
73. CREATE ROLE
74. postgres=# GRANT admin TO john;
75. GRANT ROLE
76. postgres=# \du
77. List of roles
78. Role name | Attributes | Member of
79. -----------+------------------------------------------------+-----------
80. admin | | {}
81. darth | Superuser, Create role, Create DB, Replication | {}
82. john | | {admin}
83. kate | Cannot login | {}
84. postgres=# REVOKE admin FROM john;
85. REVOKE ROLE
86. postgres=# \du
87. List of roles
88. Role name | Attributes | Member of
89. -----------+------------------------------------------------+-----------
90. admin | | {}
91. darth | Superuser, Create role, Create DB, Replication | {}
92. john | | {}
93. kate | Cannot login | {}