I have successfully set up pgAgent daemon (running on the same server as Postgres 9.3). I would like to restrict permissions on pgAgent. Created 'pgagent' login role, and granted it (via group role) all permissions on postgres.pgagent schema:
CREATE ROLE pgagent LOGIN
NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION;
CREATE ROLE scheduler
NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION;
GRANT scheduler TO pgagent;
grant all on schema pgagent to scheduler;
grant all on all tables in schema pgagent to scheduler;
grant all on all functions in schema pgagent to scheduler;
grant connect on database postgres to scheduler;
However pgAgent refuses to execute any jobs, and just sits there idly. No error messages in logs. If I start pgagent as 'postgres' user it runs fine. Or, if I 'grant postgres to scheduler' it also runs fine.
What permissions am I missing here?
Best Answer
Had this same issue!
Looking in the postgres log it appeared pgagent was failing to invoke one of the sequences in order to add entries into the job log. Once I did the below (in postgres 9.3) and restarted my pgagents, all worked well: