From: | Trent Pingenot <pintj(at)hotmail(dot)com> |
---|---|
To: | <pgsql-admin(at)postgresql(dot)org> |
Subject: | Permissions Scenerio |
Date: | 2008-09-15 21:07:22 |
Message-ID: | BAY105-W1914C2300B5F700EB8BC82A6520@phx.gbl |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Hello list,
I've been a PostGres user for a while, but am just now having to implement some security for a project. The hope is that we can create an environment through Roles that would allow users the ability to create a database(s) and have access to their database(s) but not have access to others' databases. I've been able to get part of the way there to create a user with createDB privileges and recording them in the pg_hba.conf file. However, when my test user creates a new database, they are the owner of that database but can't use it. Is there a way to avoid having to add user /database entry in
the pg_hba.conf file every time a user creates a new database?
Here is the current hba conf file I have
host all postgres 127.0.0.1/32 md5 # Super user admin account
host samerole testuser 127.0.0.1/32 md5
host template_db all 127.0.0.1/32 md5
Under this conf file my testuser can create a new db, but then doesn't have access to it b/c no entry exsists in the conf file.
This is probably an easy change but being new to PostGres security I'm not seeing it.
If I can't do this with Roles, can I do it with schemas to give users only access to their own stuff within a database?
Thanks in advance for any guidance
- Trent
From | Date | Subject | |
---|---|---|---|
Next Message | Eliot, Christopher | 2008-09-15 21:16:54 | Re: Moving DB data disk to a different machine |
Previous Message | Scott Marlowe | 2008-09-15 20:05:12 | Re: Moving DB data disk to a different machine |