hi...
> I want to allow my web administrator (username 'admin') to be able to run a
> pg_dump on a database, to do backups on demand. I'm using PHP to execute
> the command via the web, but I need to allow the admin user to run that
> command (the user with access to the db is not admin, but rather 'mike').
> The admin user logs into a pwd protected administration site (the only user
> allowed into that site is admin) and runs the backup.
i've done nearly the same set up... here's what i learned while doing it:
1) running a web server with anything but an unprivleged account is just
ASKING for trouble, so i left it running nonprivileged (i.e. nobody, wwwuser,
etc)
2) i created an account in the database specifically to be used for this process
3) i hacked the pg_dumpall script and gave it permissions that would allow the
web server to run it (and only it!)
4) i created a directory (in /home) where the new pg_dumpall script could plop
its stuff.
5) the account/password used are hardcoded into the hacked pg_dumpall script
which is non-read/write, only runnable, by the web server
6) the PHP script vacuums the web server, backs-up the database with the
date/time being the name of the resulting file.
now with a proper log in to the web server, and the
push of a button, a staff member can make a backup of the database. the
database is stored in the protected destination directory, which they have no
way to access directly (the admins do, of course.. other system scripts handle
archiving the resultant back up files =).. so now an office
drone pushes a button and the database gets backed up =)
you could even do this via a cron job if you wanted... *shrug* or you could
have the backup encrypted and emailed.. or put right onto removable media... or
stored in someone's home dir if they give the right username/password combo,
etc...
--
Aaron J. Seigo
Sys Admin
************
