Skip site navigation (1) Skip section navigation (2)

Re: Database-level permissions?

From: Stephan Szabo <sszabo(at)megazone23(dot)bigpanda(dot)com>
To: CJ Kucera <pez(at)apocalyptech(dot)com>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: Database-level permissions?
Date: 2001-10-26 14:48:16
Message-ID: Pine.BSF.4.21.0110260743070.65868-100000@megazone23.bigpanda.com (view raw or flat)
Thread:
Lists: pgsql-general
On Fri, 26 Oct 2001, CJ Kucera wrote:

> I was wondering if there's some way in Postgres to implement database-
> level permissions for users.  I know that I can define permissions on
> the tables in that database, but I'd really like to be able to lock
> a user out of a database entirely.

There are a couple of different ways to do this.  It's based on the
policy in the pg_hba.conf file.  If you want to limit each person to
a database by his or her own name, you should be able do this using
something like:
host sameuser <ip> <mask> <authtype>


If you want to do something more complicated, you can use per line 
password files by doing something like:
host <db> <ip> <mask> password <file>
Where file is a user/password file that can be maintained by 
pg_passwd.  There should be more info in the pg_hba.conf comments.


In response to

pgsql-general by date

Next:From: Stephan SzaboDate: 2001-10-26 14:52:40
Subject: Re: Referential integrity
Previous:From: Stephan SzaboDate: 2001-10-26 14:37:55
Subject: Re: Directory Names????

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group