Re: user manage their own pg_hba entries

On 7/25/06 19:48, "Glenn Davy" <glenn(at)tangelosoftware(dot)net> wrote:

> Delightful - thanks for the news. in mean times seans comments will get
> me out of trouble, so thanks again sean

No problem. And just in case you are NOT running a mission-critical
installation, the 8.2 cvs code will probably install and work just fine. I
have installed the cvs code for the past two major versions without major
incident, in case you wanna "try it".

Sean

> On Tue, 2006-07-25 at 11:41 -0400, Tom Lane wrote:
>> Sean Davis <sdavis2(at)mail(dot)nih(dot)gov> writes:
>>> If this is the way you are going to set things up, then I would just set up
>>> all the users to connect to all databases. Then, users can set permissions
>>> for their databases to limit privileges.
>>
>> This will work a lot better as of 8.2; we've added a CONNECT privilege
>> for databases that can be manipulated with ordinary GRANT/REVOKE commands.
>> Unfortunately that's not in any released version :-(
>>
>> For the moment, the easiest way to handle it is via groups. The trick
>> is to create a group associated with each database (and named the same
>> as the database), then use the "samegroup" option in pg_hba.conf to show
>> that people can log into databases if they are members of the
>> corresponding group. Then granting and revoking group membership gets
>> the job done without any changes in pg_hba.conf.
>>
>> regards, tom lane
>>
>> ---------------------------(end of broadcast)---------------------------
>> TIP 4: Have you searched our list archives?
>>
>> http://archives.postgresql.org
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
> choose an index scan if your joining column's datatypes do not
> match