Re: user manage their own pg_hba entries

hi sean
On Tue, 2006-07-25 at 07:52 -0400, Sean Davis wrote:
> If this is the way you are going to set things up
does this imply you have another setup scenario that would achieve the
same net result?
> , then I would just set up
> all the users to connect to all databases. Then, users can set permissions
> for their databases to limit privileges.
yeah, ok - will look into that... it just seems wrong though
> Doing what you suggest means
> giving everyone in your group access to the postgres account, with ability
> to edit the configuration file, pg_hba, and even to potentially delete
> files.
yes it does - and obviously thats not an option- but this _must_ be a
common enough need that there is a viable safe solution. For example
some sort of ability to import files from users home directory, or use
of wildcards in pg_hba.conf that means a users database can be prefixed
and permission be alloctaed accordinlgy, or _something_.?
> This is not a very safe (as in keeping things running smoothly) way
> to work. Make one person in charge of adding new users to pg_hba would be
> my two-centsnd worth of advice.
safe, but hardly viable - i dont want to have to drop what im doing and
edit pg_hba and reload every time someone adds a database, and my users
dont want to have to wait for me. I cant be the only person with this
dilema - so i guess im wondering how oher people handle it?

glenn

>
> Sean
>
>
> On 7/24/06 22:10, "Glenn Davy" <glenn(at)tangelosoftware(dot)net> wrote:
>
> > Hi
> > How do all you out there in postgres land who allow users who can create
> > thier own databases, also allow them to then add their db to pg_hba.conf and
> > then have
> > postgres reload those permissions
> >
> > Glenn
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 1: if posting/reading through Usenet, please send an appropriate
> > subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> > message can get through to the mailing list cleanly
>