someone hacked one of my servers using postgres user account.
what I do not know is:
what is this users home folder?
where would bash_history be?
grep postgres /etc/passwd will print you out the home directory for postgres account.
The bash_history would be located in the root of postgres account home directory, for example
/home/postgres/.bash_history. But if someone was skilled enough to actually hack your server, don't expect that history file to be accurate or even present any more.
Probably the user account could browse around your filesystem, but of course could not read files like /etc/shadow, unless your server got rooted by using some exploit. He also could have installed some daemons listening for network connections, or for example a irc-bot which connects to IRC and receives the commands from there.