| From: | Stephan Szabo <sszabo(at)megazone23(dot)bigpanda(dot)com> |
|---|---|
| To: | CJ Kucera <pez(at)apocalyptech(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Database-level permissions? |
| Date: | 2001-10-26 14:48:16 |
| Message-ID: | Pine.BSF.4.21.0110260743070.65868-100000@megazone23.bigpanda.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, 26 Oct 2001, CJ Kucera wrote:
> I was wondering if there's some way in Postgres to implement database-
> level permissions for users. I know that I can define permissions on
> the tables in that database, but I'd really like to be able to lock
> a user out of a database entirely.
There are a couple of different ways to do this. It's based on the
policy in the pg_hba.conf file. If you want to limit each person to
a database by his or her own name, you should be able do this using
something like:
host sameuser <ip> <mask> <authtype>
If you want to do something more complicated, you can use per line
password files by doing something like:
host <db> <ip> <mask> password <file>
Where file is a user/password file that can be maintained by
pg_passwd. There should be more info in the pg_hba.conf comments.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephan Szabo | 2001-10-26 14:52:40 | Re: Referential integrity |
| Previous Message | Stephan Szabo | 2001-10-26 14:37:55 | Re: Directory Names???? |