[GENERAL] Out of date security docs

2001-03-27 Thread Adam Haberlach 


This seems pretty out-of-date, since we seem to have had a 'CREATE GROUP' command
for as long as I can remember -- are there any more accurate docs out there?
How would I go about updating them?

http://www.postgresql.org/users-lounge/docs/7.0/postgres/security17760.htm

/***/
Currently, there is no easy interface to set up user groups. You have to
explicitly insert/update the pg_group table. For example:

jolly= insert into pg_group (groname, grosysid, grolist)
jolly= values ('posthackers', '1234', '{5443, 8261}');
INSERT 548224
jolly= grant insert on foo to group posthackers;
CHANGE
jolly=
/***/

-- 
Adam Haberlach|
[EMAIL PROTECTED]   | http://youlook.org
http://www.newsnipple.com |
'88 EX500'00 ^  |

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Re: [GENERAL] Out of date security docs

2001-03-27 Thread Tom Lane 

Adam Haberlach [EMAIL PROTECTED] writes:
 This seems pretty out-of-date, since we seem to have had a 'CREATE GROUP' command
 for as long as I can remember -- are there any more accurate docs out there?
 How would I go about updating them?

 http://www.postgresql.org/users-lounge/docs/7.0/postgres/security17760.htm

The 7.0 docs are out of date by definition ;-).  Take a look at the
development docs; if you don't like 'em, feel free to submit a patch
against the SGML sources.

Right offhand, the specific item you complain of seems to be fixed,
but that doesn't mean there's not plenty more work to do ...

regards, tom lane

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Re: [GENERAL] Out of date security docs

2001-03-27 Thread Einar Karttunen 

On Tue, 27 Mar 2001, Adam Haberlach wrote:


 This seems pretty out-of-date, since we seem to have had a 'CREATE GROUP' command
 for as long as I can remember -- are there any more accurate docs out there?
 How would I go about updating them?

 http://www.postgresql.org/users-lounge/docs/7.0/postgres/security17760.htm

 /***/
 Currently, there is no easy interface to set up user groups. You have to
 explicitly insert/update the pg_group table. For example:

 jolly= insert into pg_group (groname, grosysid, grolist)
 jolly= values ('posthackers', '1234', '{5443, 8261}');
 INSERT 548224
 jolly= grant insert on foo to group posthackers;
 CHANGE
 jolly=
 /***/


The easiest thing to do is to write a small utility to do this. Here is a
litle perlscript (as attachement) that does the inserting feel free to use
it. You need DBI and DBD::Pg to use it.

- Einar Karttunen


#!/usr/bin/perl

# Einar Karttunen 28.3.2001 [EMAIL PROTECTED] 
# this file must be distributed under GNU GPL

use DBI;
use DBD::Pg;

print 'group name: ';
$gn = ;
chomp $gn;
print 'group id (random if none entered): ';
$gid= ;
chomp $gid;
unless($gid =~ /^\d+$/) {
$gid = int(rand(50));
}
print 'space separated list of users to add: ';
$u = ;
chomp $u;
@users = split(' ',$u);

print ("groupname=$gn, groupid=$gid, users=");
foreach (@users) {
print "$_\/";
}
print "\ncontinue (y/n) ";
exit unless( =~ /y/o);

$dbh  = DBI-connect("dbi:Pg:dbname=ressu", einar, poiu,{RaiseError = 1, AutoCommit 
= 1});
foreach $n (@users) {
$val = $dbh-selectrow_array(q|SELECT usesysid FROM pg_user WHERE 
usename='|.$n.q|'|);
push @a,$val;
}
$dbh-do(qq|INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('$gn', '$gid', 
'{|.join(',',@a).q|}')|);

$dbh-disconnect();

print "success\n";




---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])