From: | "Dmitry Koterov" <dmitry(at)koterov(dot)ru> |
---|---|
To: | "hubert depesz lubaczewski" <depesz(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Creation of a read-only role. |
Date: | 2007-03-18 09:02:32 |
Message-ID: | d7df81620703180202j3bce42d1gb8c88dee338263ad@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Oh, sorry for the previous question - I can create a
scheme-changes-disallowed role by revoking the "CREATE" permission from all
the database schemas.
The issue seems to be closed now, thanks.
On 3/18/07, Dmitry Koterov <dmitry(at)koterov(dot)ru> wrote:
>
> > actually - you dont need the read-only role, if this is only for slave
> > nodes. slony takes care about the issue and doesn't allow any writes
> > on slaves.
> Great!
>
> But what about a role which can modify the data, but cannot modify the
> database schema?
>
> On 3/17/07, hubert depesz lubaczewski <depesz(at)gmail(dot)com> wrote:
> >
> > On 3/16/07, Dmitry Koterov <dmitry(at)koterov(dot)ru> wrote:
> > > Overall, we need 3 roles:
> > > 1. Administrator: can do anything with a database (by default this
> > user is
> > > already exists - "postgres").
> > > 2. Read-only: can only read. Runs on all slave nodes.
> >
> > actually - you dont need the read-only role, if this is only for slave
> > nodes. slony takes care about the issue and doesn't allow any writes
> > on slaves.
> >
> > depesz
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 2: Don't 'kill -9' the postmaster
> >
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Alain Roger | 2007-03-18 10:18:07 | Re: issue with SELECT settval(..); |
Previous Message | Dmitry Koterov | 2007-03-18 08:59:10 | Re: Creation of a read-only role. |