| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Trent Pingenot <pintj(at)hotmail(dot)com> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Permissions Scenerio |
| Date: | 2008-09-15 22:02:04 |
| Message-ID: | 20309.1221516124@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Trent Pingenot <pintj(at)hotmail(dot)com> writes:
> I've been a PostGres user for a while, but am just now having to implement some security for a project. The hope is that we can create an environment through Roles that would allow users the ability to create a database(s) and have access to their database(s) but not have access to others' databases. I've been able to get part of the way there to create a user with createDB privileges and recording them in the pg_hba.conf file. However, when my test user creates a new database, they are the owner of that database but can't use it. Is there a way to avoid having to add user /database entry in
> the pg_hba.conf file every time a user creates a new database?
Don't try to enforce per-database connect permissions in pg_hba.conf;
at least, not any such permissions you don't want to have to edit that
file to change. Instead use GRANT/REVOKE CONNECT ON DATABASE.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | kevin kempter | 2008-09-15 22:22:14 | shared_buffers setting |
| Previous Message | Eliot, Christopher | 2008-09-15 21:16:54 | Re: Moving DB data disk to a different machine |