From: | Ron <ronljohnsonjr(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | Re: Trigger when user logs in |
Date: | 2019-04-14 12:58:22 |
Message-ID: | 106b546b-194a-36f6-b249-3f8dfb18c5bb@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On 4/14/19 4:05 AM, Peter J. Holzer wrote:
> On 2019-04-13 22:22:16 -0500, Ron wrote:
>> In our case, another looming Auditor requirement is to be able to instantly
>> kick off -- or at least send a warning email -- when certain roles log in
>> from unapproved IP addresses or programs. For example, service accounts
>> should only be able to log in from IP addresses and certain applications.
>> Humans logging in via service accounts using pgAdmin should, for example, be
>> instantly kicked off.
> If you want to prevent a user from logging in (which is functionally
> equivalent but a bit stronger than "instantly kick off"), then this is
> definitely something that could and should be implemented via PAM (I'm
> not sure what information is passed to PAM, so you might get the IP
> address
Doesn't this require all Postgres roles to also be OS users?
> but not the application name (the latter can't be trusted
> anyway), for example).
--
Angular momentum makes the world go 'round.
From | Date | Subject | |
---|---|---|---|
Next Message | David Rowley | 2019-04-14 13:57:07 | Re: Planner can't seem to use partial function indexes with parameter from join |
Previous Message | Alastair McKinley | 2019-04-14 09:55:25 | Planner can't seem to use partial function indexes with parameter from join |