After I installed PostgreSQL 9.1 on Ubuntu 12.04 I set the password for the "postgres" superuser account. I want all users to have to enter their password when logging in.
Re your odd behaviour, I think you've missed a line of pg_hba.conf that's specific to the postgres user. Please show the output of:
grep '^[^#]' pg_hba.conf
As for ident vs md5; personally I prefer ident for interactive use in development, and it's fine for normal users, but I don't think giving access to the postgres user via sudo is a great idea. Both sudo -u postgres psql and psql -U postgres -W grant access to the postgres superuser role and thus file system access as the database user. Neither requires a root password, and sudo can easily be constrained via sudoers to limit the invoking user to just running psql. However, with sudo -u postgres psql the client code runs as postgres too, so it's a bigger attack surface, and there's always the chance of the user finding a way to bypass your sudoer limits.
I use ident in dev, md5 in production.
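The check the answer asks for, as an added example that is not part of the original post: PostgreSQL applies the first pg_hba.conf record that matches, so a line specific to postgres placed above the general one decides how that role logs in. The sample file is constructed, the function names are hypothetical, and matching is simplified to literal names and `all` (no `sameuser`, `+group` or `@file` handling).

```python
# Added example: which pg_hba.conf record decides a local (Unix-socket) login?
# PostgreSQL uses the first record whose type, database and user all match.

PASSWORD_METHODS = {"md5", "password"}

# Constructed sample, not the asker's actual file.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS        METHOD
local   all       postgres                 peer
local   all       all                      md5
host    all       all       127.0.0.1/32   md5
"""

def parse_hba(text):
    """Return (lineno, fields) for every active (non-comment, non-blank) record."""
    records = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if line:
            records.append((lineno, line.split()))
    return records

def _matches(field, value):
    # Simplified: a literal name, a comma-separated list of names, or "all".
    return field == "all" or value in field.split(",")

def first_local_match(text, database, user):
    """Return (lineno, method) of the first 'local' record matching database and user."""
    for lineno, fields in parse_hba(text):
        if fields[0] != "local" or len(fields) < 4:
            continue
        _, db_field, user_field, method = fields[:4]
        if _matches(db_field, database) and _matches(user_field, user):
            return lineno, method
    return None

def report(text, database, users):
    """Map each user to (lineno, method, asks_for_password), or None if no record matches."""
    out = {}
    for user in users:
        hit = first_local_match(text, database, user)
        out[user] = hit and (hit[0], hit[1], hit[1] in PASSWORD_METHODS)
    return out

if __name__ == "__main__":
    for user, result in report(SAMPLE_HBA, "mydb", ["postgres", "alice"]).items():
        print(user, result)
```
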