How to grant access to an extra database user after restoring Red Hat Virtualization from a backup

Updated -

Restore an additional user's database access after restoring Red Hat Virtualization to a fresh installation (or upgrading RHEV 3.6 to RHV 4.0).

If a backup contains grants for extra database users, restoring the backup with the --restore-permissions and --provision-db (or --provision-dwh-db) options will create the extra users with random passwords. You must change these passwords manually if the extra users require access to the restored system.

These steps restore access to the engine database. To restore access to the ovirt_engine_history database, replace engine in the following examples with ovirt_engine_history.

In the following examples, the restored user is called newuser, and the new password is mypassword.

  1. Add the user to the /var/lib/pgsql/data/pg_hba.conf file:
    1.1 Duplicate the two lines containing engine.

    local   all    all                   peer
    host    engine engine 0.0.0.0/0      md5
    host    engine engine ::0/0          md5
    

    1.2 In the duplicates, replace the second occurrence of engine with the extra user.

    local   all    all                   peer
    host    engine engine 0.0.0.0/0      md5
    host    engine engine ::0/0          md5
    host    engine newuser 0.0.0.0/0     md5
    host    engine newuser ::0/0         md5
    
  2. Grant the user permission to access the database:

    # su - postgres -c 'psql -U postgres -c "GRANT CONNECT ON DATABASE engine TO newuser;"'
    
  3. Change the user's password:

    # su - postgres -c 'psql -U postgres -c "ALTER role newuser with login encrypted password '\''mypassword'\'';"'
    
  4. Restart the postgresql service:

    # systemctl restart postgresql.service
    
  5. Test the new password and connection:

    # psql -h localhost -U newuser engine
    Password for user newuser:
    engine=> select * from schema_version;
    

Table of Contents

No