Customize Internal PostgreSQL User

MetaDefender Core once installed, it will automatically create an internal PostgreSQL user for operation purpose, and so far that user name is auto randomized by MetaDefender Core and non adjustable (usr_<random characters>).

Now MetaDefender Core supports database system admin to define and change to their own PostgreSQL user instead.

That can be done in both deployment scenarios:

  1. Product installation (pre-setup)
  2. Product configuration (post-setup)
  1. Internal PG username has to be matched with Postgresql naming conventions https://www.postgresql.org/docs/7.0/syntax525.htm.
  2. We support backup/restore credential files mechanism. In case of customizing PostgreSQL user failure, the old credential file will be restored.
  3. In SharedDB mode, each MetaDefender Core instance must have a different private_username. Otherwise, those instances cannot be started in a parallel way.
  4. Currently we do not support internal PostgreSQL user contains special characters, space, uppercase. And it cannot begin with digits (0-9).

Product installation (pre-setup)

In the ignition file, there are 2 keys needed for this user setup:

  • dbserver/private_username
  • dbserver/private_password
  1. If private_username is not on the Postgres server, MetaDefender Core creates an internal user.
  2. If private_username matches the user of the Postgres server. The user on the Postgres is overridden, MetaDefender Corre doesn’t create a new internal user.

Product configuraton (post-setup)

Using the CLI tool bundled with MetaDefender Core to modify PostgreSQL internal user while MetaDefender Core is running:

  • Windows: C:\Program Files\OPSWAT\MetaDefender Core\ometascan-custom-internal-pg-user.exe
  • Linux: /usr/sbin/ometascan-custom-internal-pg-user

You can switch to other user with password optionally:

Bash
Copy

or you can drop the current user:

Bash
Copy

All options and arguments:

  • -h\t: (--help) instruction
  • -c\t: (--configuration-path) default value: HKEY_LOCAL_MACHINE\Software\OPSWAT\Metascan on Windows or /etc/ometascan/ometascan.conf on Linux
  • -nu\t: (--new-username) New username must be started with usr_
  • -np\t: (--new-password) new password
  • -r\t: (--remove-current-user) remove your current user
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
PostgreSQL User Privilege Requirements
On This Page
Customize Internal PostgreSQL UserProduct installation (pre-setup)Product configuraton (post-setup)