On Sun, Nov 27, 2005 at 12:32:06PM +0100, Egy?d Csaba wrote:
> Hi All,
>
> I'd like to know if there is a method to let a user login into only
> predefined databases? I know that I could edit pg_hba.conf to achive this,
> but
> - there will be many databases on the server with the same structure but
> with different data
> - there will be "local admins" who must be able to create new "local users"
> (of their own db)
> - it is a win32 client application... so editing pg_hba.conf is not too
> easy...
>
> So I'd need an administrative method (command?) which is capable to define
> (in the server level) a set of databases (0, 1 or more) for every user which
> she can login and prevent her from logging in to any other databases. This
> data should be modified via SQL statements like GRANT.
>
> I tried to REVOKE all priviges from a user on a db, but the user still able
> to login. Another question is that she can't do anything.
>
> Any ideas?
I think you're basically stuck with pg_hba.conf. There's been some
functions added to 8.1 that make it possible to do some more
administrative stuff with config files via SQL, but I'm not sure if
they'd cover this case.
I can see where this could be a problem for people providing hosting; if
enough other users request this functionality it might make it onto the
TODO list.
--
Jim C. Nasby, Sr. Engineering Consultant jnasby@pervasive.com
Pervasive Software http://pervasive.com work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461