Re: User rights

From: Nicolas Kowalski <Nicolas(dot)Kowalski(at)imag(dot)fr>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: <pgsql-admin(at)postgresql(dot)org>
Subject: Re: User rights
Date: 2001-06-13 15:56:41
Message-ID: Pine.LNX.4.33.0106131747550.32676-100000@girose.imag.fr
Lists: pgsql-admin

On Wed, 13 Jun 2001, Tom Lane wrote:

TL> Nicolas Kowalski <Nicolas(dot)Kowalski(at)imag(dot)fr> writes:
TL> > The problem is, if a user tries to authenticate and is not in the
TL> > pg_shadow system table but *is* in the passwd file, the access will
TL> > always fail. If the user appears in the pg_shadow table, no problems.
TL>
TL> If you're not in pg_shadow you are not a postgres user. Bogus
TL> entries in password files won't help you.

Normal behaviour. Ok, I surrender.

TL>
TL> > By mistake, I deleted a user (me in fact) from the pg_shadow table. I
TL> > was the owner of several tables. As a superuser, I re-created the user,
TL> > with the same information, sysid included. But now, I am unable to
TL> > manage or even do some SELECT on the table I was the owner of. I checked
TL> > the relowner field in the pg_class table, and it has the value of my
TL> > sysid...
TL>
TL> Hmm, that should work, if you're sure you got the right sysid. Also
TL> check to make sure there is only one row in pg_shadow with that sysid.

As superuser:

datavm=# SELECT usename,usesysid from pg_shadow where usename='kowalski';
usename | usesysid
----------+----------
kowalski | 5519
(1 row)

datavm=# SELECT usename,usesysid from pg_shadow where usesysid='5519';
usename | usesysid
----------+----------
kowalski | 5519
(1 row)

datavm=# SELECT relowner from pg_class where relname='sys_machine';
relowner
----------
5519
(1 row)

datavm=# SELECT relowner from pg_class where relname='sys_equipment';
relowner
----------
5519
(1 row)

datavm=# \dz
...
sys_machine | {"=","admin=r"}
...
sys_equipment |
...

As user kowalski:

datavm=> SELECT * from sys_machine ;
ERROR: sys_machine: Permission denied.

datavm=> SELECT * from sys_equipment ;
 id  | description      | delivery   | ownership | location | invoice_id | comment
-----+------------------+------------+-----------+----------+------------+---------
   9 | IMPRIMANTE       | 1996-11-12 | P         | VERIMAG  |            |
   1 | LECTEUR DE BANDE | 1997-07-16 | P         | VERIMAG  |            |
 204 | MAC PORTABLE     | 2000-06-27 | P         | VERIMAG  |

...and so on.

What is wrong?

Nicolas.
