What is the postgres user that is setup by the PostgreSQL@15 homebrew formula?

Question

Background

I am new to Postgres and currently going through the documentation as I'm learning to use it. I am having trouble understanding the Postgres user.

I noticed that I can run psql postgres without inputting any kind of password, and I have the power to create and alter users. I was trying to determine whether it is normal for the user postgres to have no password or if I should set one manually.

What I've Tried

I tried to find an explanation on the Postgres 15 documentation but was only able to find a limited explanation here. The documentation is pretty expansive so despite my best efforts I haven't been able to find a better explanation.

I also found this question where the top answer said you can determine the username using \du. When I ran this command, it outputted my computer username instead of "postgres" and indicated I'm a superuser.

postgres=# \du
                                   List of roles
 Role name |                         Attributes                         | Member of
-----------+------------------------------------------------------------+-----------
 ciesinsg  | Superuser, Create role, Create DB, Replication, Bypass RLS | {}

Question in a nutshell

So my question is what is this postgres user, and is it safe to leave it without a password?

Additional Info

I am using PostgresQL@15 installed using homebrew on M2 MBP.

I also understand that it is advisable to set up new users and set them as owners in new databases. I am just worried that the lack of authentication on the postgres user may result in a bad actor altering my existing users if I don't take precautions.

Clarification *

This question is based on my incorrect interpretation of the PostgreSQL getting started documentation. I am posting this clarification without editing the question in case anyone else is similarly confused.

psql postgres actually connects to the postgres database, and not the postgres user. As per Ardian's reply, this homebrew documentation outlines how the formula sets up the database and ownership.

I wasn't paraphrasing, the command I ran is written verbatim in the previous sentence as `\du`. In the terminal, it looks like: `postgres=# \du` . I will edit to add the response as well. — GeorgeCiesinski, Jun 23 '23 at 17:59
Actually you are connecting to `postgres` database as user(role)`ciesinsg`. See [psql](https://www.postgresql.org/docs/current/app-psql.html). As to why you can do that without a password, it is because of the setting in [pg_hba.conf](https://www.postgresql.org/docs/current/auth-pg-hba-conf.html). Best guess is yours has either `trust` or `peer` set up for the `auth` method. See also [Homebrew](https://wiki.postgresql.org/wiki/Homebrew). Important part *... When you do it will be "owned" by your username and create the `postgres` and `template1` databases.* — Adrian Klaver, Jun 23 '23 at 18:12
Have you read through this QA? There's some recent answers that discuss installing postgres via homebrew on macOS: https://stackoverflow.com/questions/15301826/psql-fatal-role-postgres-does-not-exist — Dai, Jun 23 '23 at 18:12
You might to look at [postgres.app](https://postgresapp.com/). I'm not a Mac user but it looks more understandable to me. — Adrian Klaver, Jun 23 '23 at 18:19
Thanks for the suggestion, and explanation. That makes a lot more sense now that I see I was connecting to the posgres **database** and not the user. If you post an actual answer I can select it as the answer since this resolved my misunderstanding. — GeorgeCiesinski, Jun 23 '23 at 18:58

score 1 · Accepted Answer · answered Jun 23 '23 at 19:47

This is a packaging decision which the Postgres community docs do not cover as that is outside their purview. When a Postgres instance is set up there is OS user that creates/owns the cluster it and a database superuser that is created to manage the cluster to start. By convention both those users are named postgres. See initdb for more information. That is a convention not a requirement and downstream packagers can create their own users. In the Homebrew case the user name of the user installing the packages is the OS user that owns the cluster. It is also used to create the database superuser name. When running psql postgres per the psql docs you are connecting to the postgres database as the OS user you are running psql as. In this case it matches the database superuser name. A password was not required because the pg_hba.conf was setup to not require a database password for a local connection.