How to grant access to an extra database user after restoring Red Hat Virtualization from a backup
Restore an additional user's database access after restoring Red Hat Virtualization to a fresh installation (or upgrading RHEV 3.6 to RHV 4.0).
If a backup contains grants for extra database users, restoring the backup with the --restore-permissions and --provision-db (or --provision-dwh-db) options will create the extra users with random passwords. You must change these passwords manually if the extra users require access to the restored system.
These steps restore access to the engine database. To restore access to the ovirt_engine_history database, replace engine in the following examples with ovirt_engine_history.
In the following examples, the restored user is called newuser, and the new password is mypassword.
-
Add the user to the /var/lib/pgsql/data/pg_hba.conf file:
1.1 Duplicate the two lines containing engine.local all all peer host engine engine 0.0.0.0/0 md5 host engine engine ::0/0 md51.2 In the duplicates, replace the second occurrence of engine with the extra user.
local all all peer host engine engine 0.0.0.0/0 md5 host engine engine ::0/0 md5 host engine newuser 0.0.0.0/0 md5 host engine newuser ::0/0 md5 -
Grant the user permission to access the database:
# su - postgres -c 'psql -U postgres -c "GRANT CONNECT ON DATABASE engine TO newuser;"' -
Change the user's password:
# su - postgres -c 'psql -U postgres -c "ALTER role newuser with login encrypted password '\''mypassword'\'';"' -
Restart the postgresql service:
# systemctl restart postgresql.service -
Test the new password and connection:
# psql -h localhost -U newuser engine Password for user newuser: engine=> select * from schema_version;
Comments