Collective user accounts are all well & good so long as everyone using
it understands that you don't change stuff. If you've got a user who is
adamant that they have to have a specific password, etc... Then your
only recourse is to create them their own user account. I've done that.
It's a bit painful, but a lot less than having the collective/generic
access account messed with. Therefore I agree wholeheartedly with Tom.
From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us]
Sent: Thursday, February 24, 2005 10:46 AM
To: Alex Gutman
Subject: Re: [ADMIN] Preventing changes to default settings of a
Alex Gutman <agutman(at)emc(dot)com> writes:
> (The NOCREATEUSER option used when creating the collective user does
> prevent it from changing its own password via
> ALTER USER guest WITH ... PASSWORD ...
You think so?
This approach is doomed to failure --- the system sees no reason not to
allow a user to change his own configuration, including his password.
> Is there any way I could achieve my goal?
Use more than one username.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
pgsql-admin by date
|Next:||From: Scott Marlowe||Date: 2005-02-24 17:43:58|
|Subject: Re: Preventing changes to default settings of a collective|
|Previous:||From: Bjoern Metzdorf||Date: 2005-02-24 17:22:51|
|Subject: Re: invalid multibyte character for locale|