On Wed, 31 Jul 2002, Bruce Momjian wrote: > Marc G. Fournier wrote: > > > I am working on it now. I decided against doing any kind of database > > > prepending at the user level. You create the user as 'dbname.username'. > > > That is clearer, rather than prepending based on the db you are > > > connected to. The only code change is in the postmaster authentication > > > lookup and ownership setting from the backend connection. > > > > Okay, just a couple of questions ... if there any way of provide > > 'superuse' access a user of the database for creating new users? Say one > > creates a dbname.pgsql account, could it be given 'create user' privileges > > for other users with a prefix of dbname.*? > > Uh, that will be tough. > > Super-user account will not be qualified by dbname for simplicity. > > > and, what happens if one doesn't specify dbname.*? does that user become > > 'global', or have access to nothing? > > Access to nothing. I could actually try to quality by dbname.username, > then fall back to just username, but that seems insecure.
No, that's cool ... just questions I thought of ... Okay ... hmmm ... just making sure that I understand ... I setup a server, when does this dbname.* come into play? Only if I enable password/md5 in pg_hba.conf for a specific database? all others would still use a plain 'username' still works? or are you getting rid of the 'global usernames' altogether (which is cool too, just want to clarify) ... ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster