| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | "Shridhar Daithankar<shridhar_daithankar(at)persistent(dot)co(dot)in>" <shridhar_daithankar(at)persistent(dot)co(dot)in> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Handling users |
| Date: | 2003-02-18 15:19:43 |
| Message-ID: | 20030218151943.GA11897@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, Feb 18, 2003 at 19:41:38 +0530,
"Shridhar Daithankar<shridhar_daithankar(at)persistent(dot)co(dot)in>" <shridhar_daithankar(at)persistent(dot)co(dot)in> wrote:
>
> Correct me if I am wrong, but when I run ident authentication, I have to
> create OS users right? And with sshd enabled on box for admin reasons, I
> don't want to let everybody login. I agree I can set their login to
> /sbin/false on linux or nologin on BSD.
Well yes, but the app has to run as some user. What you are probably missing
is that your don't have to use sameuser with ident authentication. You can
give a list of which database users an OS user is allowed to connect as.
So that the app OS user can be allowed connect to a specific list of DB
users without using a password.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Cave-Ayland | 2003-02-18 15:20:36 | 7.3.1 takes long time to vacuum table? |
| Previous Message | Tom Lane | 2003-02-18 15:18:50 | Re: Anybody see the post? |