Skip site navigation (1) Skip section navigation (2)

Re: Role based database access

From: Carol Walter <walterc(at)indiana(dot)edu>
To: Scott Marlowe <smarlowe(at)g2switchworks(dot)com>
Cc: Thomas Mack <mack(at)ifis(dot)cs(dot)tu-bs(dot)de>, pgsql-admin(at)postgresql(dot)org
Subject: Re: Role based database access
Date: 2007-05-24 19:43:38
Message-ID: 23F88DA7-D18C-440B-B902-AA0B13D166A4@indiana.edu (view raw or flat)
Thread:
Lists: pgsql-admin
Hello,

I'm not sure why wish not to pre-create a database for each student  
and limiting them to that database with the no create database priv.   
Depending on why you want to do that, I think you might be able to  
give each user a schema.  I think access to schemas has to be  
explicitly granted.  We've had students create other schemas instead  
of using "public" and it really causes problems when they want to  
grant users access to their databases.  In your case, this might work  
to your advantage.

Carol Walter

On May 24, 2007, at 2:31 PM, Scott Marlowe wrote:

> Thomas Mack wrote:
>> Hello!
>>
>> I face a problem here with restricting access to databases to
>> the owners of the database (Postgres 8.1.4).
>>
>> We would like any postgres user to have database access restricted
>> to their own databases only. This is so, as we use postgres for
>> educational purposes.
>>
>> I looked into pg_hba.conf, but unfortunately, when restricting
>> database access in the database field, the NAME(!) of the database
>> is concerned, which we do not restrict. Any user can create as
>> many databases as needed, and the name may be choosen freely.
>>
>> The 'user' field does not help in this either.
>>
>> So is there any chance to achieve what we need without revoking
>> the 'create database' permission and pre-creating the databases
>> for all our users?
>>
>> Thanks,
>> Thomas Mack
>>
> Does not the sameuser database name work for you in pg_hba.conf?   
> I.e. you can only log into the database that bears your name.
>
>
> ---------------------------(end of  
> broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings


In response to

pgsql-admin by date

Next:From: mackDate: 2007-05-24 20:02:49
Subject: Re: Role based database access
Previous:From: Scott MarloweDate: 2007-05-24 18:31:22
Subject: Re: Role based database access

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group