From: | Jodi Kanter <jkanter(at)virginia(dot)edu> |
---|---|
To: | Postgres Admin List <pgsql-admin(at)postgresql(dot)org> |
Subject: | pg_hba.conf file |
Date: | 2002-09-03 16:43:03 |
Message-ID: | 002401c25368$f9374b90$de138f80@virginia.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
My current pg_hba.conf file looks like this:
local genex password pgpasswords_genex
host genex 127.0.0.1 255.255.255.255 password pgpasswords_genex
local herr_lab password pgpasswords_herr_lab
host herr_lab 127.0.0.1 255.255.255.255 password pgpasswords_herr_lab
"genex" and "herr_lab" are two separate databases which are used by two different departments. I set my pg_hba.conf file up this way to ensure that only the logins within the "pgpasswords_genex" file could access the genex database. And similarly for the herr_lab database - I only wanted user IDs within the pgpasswords_herr_lab file to access the herr_lab database.
The problem here is that template1 is not mentioned and therefore commands like dropdb and createdb are not functioning. I tried adding the following lines:
local template1 password pgpasswords_genex
local template1 password pgpasswords_herr_lab
The problem here is that the system seems to ignore the second line. The logins within the "pgpasswords_genex" file can now create and drop databases but the users in "pgpasswords_herr_lab" cannot.
I would like to set it up such that only the genex users (with db creation permissions) can add or drop the genex database and only the herr_lab users (with db create permissions) can add or drop the herr_lab database.
Is this possible? Can I get the system to recognize both pgpasswords files when referencing template1? Is there a better way to accomplish my goal?
I recall a message posted somewhat recently regarding the pg_passwd utility. Is there some security flaw that I need to be aware of?
Thanks for your help.
Jodi
_______________________________
Jodi L Kanter
BioInformatics Database Administrator
University of Virginia
(434) 924-2846
jkanter(at)virginia(dot)edu
From | Date | Subject | |
---|---|---|---|
Next Message | Jodi Kanter | 2002-09-03 17:42:41 | Re: pg_hba.conf file |
Previous Message | Justin Clift | 2002-09-03 13:05:52 | Re: PostgreSQL papers |