Is it possible to completely disable PostgreSQL roles, users, permissions etc

Question

In 99% of my use cases I don't need any of that stuff. Is it possible to completely disable it in PostgreSQL? All those users, roles, permissions etc...

Answer 1

No, it isn't.

But you can, if you really insist, just set everything to trust in pg_hba.conf and use the postgres superuser for everything.

I hope your systems are completely isolated from the Internet and accept no external user input of any kind though. Because those features are there for a reason. Even if your app is behind a middleware layer, etc, you should at minimum be using a non-superuser for normal app operations. Preferably also one who doesn't own the tables and is just GRANTed the needed access. This will help limit the damage from various possible attacks through your middleware layer.

Answer 2

I don't think you can completely disable the user/role system as Postgres is a client/server architecture and you will need user/role etc. to connect to the server.

But you can bypass it by setting up your default account, e.g. your username if you are using Unix/Linux as a database super user, or GRANT it all necessary privileges.

You can also modify the postgres configuration file, e.g. at /etc/postgresql/9.x/main/pg_hba.conf and change certain authentication method to trust, e.g., to trust any connections from the local machine:

# IPv4 local connections:
#host    all             all             127.0.0.1/32            md5
host    all             all             127.0.0.1/32            trust
# IPv6 local connections:
#host    all             all             ::1/128                 md5
host    all             all             ::1/128                 trust

You can also store your password in a .pgpass file, but mind the security risks there.