Re: 'postgres' flag

There appears to be some delay on the list. I just received that message
this morning (how helpful)- I will be trying to implement it now and see how
far I can get. It looks like it'll work. Does it work with 'crypt' or only
'password' (i presently use crypted passwords, but I can change that if
it'll make all the difference)?

Now the even bigger question- why isn't this documented?
--
Mike

----- Original Message -----
From: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Mike Rogers" <temp6453(at)hotmail(dot)com>
Cc: <pgsql-hackers(at)postgresql(dot)org>
Sent: Thursday, November 08, 2001 10:10 AM
Subject: Re: [HACKERS] 'postgres' flag

> "Mike Rogers" <temp6453(at)hotmail(dot)com> writes:
> > Anyone have a code hack to 7.1 to make postgreSQL break out of the
> > 'sameuser' jail if a user as the 'postgres' superuser flag?
>
> The difficulty with that idea is that the connection-matching code has
> no idea whether a given userid is superuser or not (indeed, that info
> is not available to the postmaster at all).
>
> > Or maybe to set
> > config file lines based also on 'superuser' (like 'crypt superuser' or
> > something like that). Otherwise I think I might make one.
>
> Did you read the thread a day or two back in pgsql-admin? Consider
> something like
>
> local sameuser password
> local all password crossauth
>
> where crossauth contains the usernames you want to allow to connect
> to databases other than their own.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
>