Hi, I have created a new patch. Please check to see if I am on the right track.
1) The GRANT and REVOKE statements look like:

    GRANT CONNECTION ON DATABASE db1 TO user1 (,user2,user3)
    REVOKE CONNECTION ON DATABASE db1 TO user1 (,user2,user3)

2) The file parsenodes.h is updated to support #define ACL_DATABASE_CONNECT

3) The file acl.h is updated to support #define ACL_DATABASE_CONNECT_CHR 'c'

4) Functions "string_to_privilege" and "privilege_to_string" in aclchk.c are updated to support ACL_DATABASE_CONNECT

5) Function "aclparse" in acl.c is updated to support ACL_DATABASE_CONNECT

6) Catalog version number is updated to CATALOG_VERSION_NO 200604211

7) File postinit.c method "ReverifyMyDatabase" is updated as follows:
First we check to make sure we are not in bootstrap processing mode. If not, we check to see if the connected user has ACL_DATABASE_CONNECT. If not, ereport(FATAL,.....) (Perhaps we should change the error message later)

8) File dbcommands.c method "createdb" is updated as follows:
When a new database is being created we add a default ACL by calling acldefault(ACL_OBJECT_DATABASE,.... and adding the default ACL by

    new_record[Anum_pg_database_datacl - 1] = PointerGetDatum(defaultAcl);

This would mean, every time a new database gets created the owner of the database gets the ACL_OBJECT_DATABASE privilege and can login. Other users not having the privilege to that database get an error message.

Because the catalog version is changed a pg_dump is necessary, which means all the new roles created from that point will get the ACL_OBJECT_DATABASE and everything should be "backward-compatible"

At this moment the owner of the database CAN REVOKE himself from the ACL_OBJECT_DATABASE. If the implementation above is acceptable then I can work on this one :)

http://www.xs4all.nl/~gevik/patch/patch-0.1.diff

Did I forget something? Please advise.
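The connection check in items 7 and 8, including the owner self-revoke case, as an added C sketch that is not taken from the patch or from PostgreSQL. The bit values and the names parse_aclitem, may_connect and revoke_connect are assumptions, and the sample ACL string is constructed.

```c
#include <stdio.h>
#include <string.h>
/* Toy model, not PostgreSQL source; bit values and function names are assumptions. */
typedef unsigned int AclMode;
#define ACL_CREATE           (1u << 0)  /* 'C' */
#define ACL_DATABASE_CONNECT (1u << 1)  /* 'c', the character named in the post */
typedef struct { char grantee[32]; AclMode privs; } AclItem;

/* Parse "grantee=privchars/grantor" (named grantees only); 0 = ok, -1 = bad input. */
int parse_aclitem(const char *s, AclItem *out)
{
    const char *eq = strchr(s, '=');
    const char *slash = eq ? strchr(eq, '/') : NULL;
    if (!eq || !slash || eq == s || (size_t)(eq - s) >= sizeof out->grantee)
        return -1;
    memcpy(out->grantee, s, (size_t)(eq - s));
    out->grantee[eq - s] = '\0';
    out->privs = 0;
    for (const char *p = eq + 1; p < slash; p++) {
        if (*p == 'C')      out->privs |= ACL_CREATE;
        else if (*p == 'c') out->privs |= ACL_DATABASE_CONNECT;
        else return -1;                 /* unknown privilege letter: reject */
    }
    return 0;
}

/* Connection-time decision: 1 = allow, 0 = refuse (the FATAL path). */
int may_connect(const AclItem *acl, int n, const char *user, int bootstrap)
{
    if (bootstrap) return 1;            /* check is skipped in bootstrap mode */
    for (int i = 0; i < n; i++)
        if (!strcmp(acl[i].grantee, user) && (acl[i].privs & ACL_DATABASE_CONNECT))
            return 1;
    return 0;                           /* no matching grant: default deny */
}

/* REVOKE CONNECTION for one user; nothing here stops the owner revoking itself. */
void revoke_connect(AclItem *acl, int n, const char *user)
{
    for (int i = 0; i < n; i++)
        if (!strcmp(acl[i].grantee, user))
            acl[i].privs &= ~ACL_DATABASE_CONNECT;
}

int main(void)
{
    AclItem acl[1];                     /* constructed default ACL for a new database */
    if (parse_aclitem("owner1=Cc/owner1", &acl[0]) != 0) return 1;
    revoke_connect(acl, 1, "owner1");
    printf("owner can connect after self-revoke: %d\n", may_connect(acl, 1, "owner1", 0));
}
```

In this model the owner is refused after the self-revoke, which is the lockout case the post leaves open.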