| From: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: dropdb ; createdb equivalent without createdb permission? |
| Date: | 2007-07-09 18:29:38 |
| Message-ID: | 20070709182938.GB28069@phlogiston.dyndns.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, Jul 09, 2007 at 02:13:55PM -0400, Tim Olsen wrote:
> like the user to be granted createdb permission for only a particular
> database. I don't believe this is possible in postgresql. Is there a
> dropdb-followed-by-createdb equivalent the user could use?
The reason it isn't possible is because there's no such thing as "a
particular database" at createdb time. It's just an empty database
with an arbitrary string (the name) identifying it.
You could, however, limit all of this by giving sudo access to the
person in question, where the sudo access is for a (set of) script(s)
that achieve what you want (e.g. scripts with the appropriate
createdb, psql -c "something" &c. inside them). Obviously, if the
user can edit the scripts, then your intention is still foiled.
A
--
Andrew Sullivan | ajs(at)crankycanuck(dot)ca
The fact that technology doesn't work is no bar to success in the marketplace.
--Philip Greenspun
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steve Crawford | 2007-07-09 18:39:17 | Re: dropdb ; createdb equivalent without createdb permission? |
| Previous Message | Tim Olsen | 2007-07-09 18:13:55 | dropdb ; createdb equivalent without createdb permission? |