On Sun, Jan 29, 2006 at 02:01:51PM -0500, Tom Lane wrote:
> The 8.1 documentation uses the term "role", which seems unlikely to be
> confused with Unix groups:
...
> Good enough?
Yes :-)
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
--
Karsten Hilbert <[EMAIL PROTECTED]> writes:
> Aha ! Indeed, the 7.4 documentation wasn't clear enough on
> that (for me):
> "... The value samegroup specifies that the requested user
> must a member of the group with the same name as the
> requested database. ..."
> Might this be amended to say
On Sat, Jan 28, 2006 at 06:17:16PM -0500, Tom Lane wrote:
> > I am using a create_user() SP created by "postgres" with
> > "security definer" (gasp). This works just fine, however, it
> > transfers createuser rights to *anyone* allowed to connect
> > to the database the function is in.
>
> Not if
Karsten Hilbert <[EMAIL PROTECTED]> writes:
> I am using a create_user() SP created by "postgres" with
> "security definer" (gasp). This works just fine, however, it
> transfers createuser rights to *anyone* allowed to connect
> to the database the function is in.
Not if you restrict who's allowed
On Sat, Jan 28, 2006 at 11:04:09AM -0500, Tom Lane wrote:
> > I have a faint memory of it being possible to create users
> > "inside" *one* given database by way of a particular "create
> > user" syntax along the lines of:
> > create user [EMAIL PROTECTED] ...;
> There is the db_user_namespace kl
Karsten Hilbert <[EMAIL PROTECTED]> writes:
> I have a faint memory of it being possible to create users
> "inside" *one* given database by way of a particular "create
> user" syntax along the lines of:
> create user [EMAIL PROTECTED] ...;
There is the db_user_namespace kluge^H^H^H^H^Hparameter,
Hello,
I don't think you can create users *inside* a database, but for each
database,
you can create global users and make them members of a group having the same
name than your database.
Then, in pg_hba.conf, the folllowing line will give to your users the
permission to
connect to the datab
