Nigel J. Andrews wrote:
>On Fri, 16 Jan 2004, Jeff Bowden wrote:
>
>
>>So maybe this is a packaging issue. On Debian when I install postgres
>>it is necessary to do root shit in order to enable non-priveledged users
>>to create and destroy databases. My understanding has alwasy been that
>>these operations are restricted because it can allow users to
>>accidentally or intentionally interefere with each other's use of the
>>server. If there is some way for this to be set up sanely by default to
>>allow users to successfully use createdb and dropdb on only their own
>>data, then I will file a wishlist bug against the Debian packages to add
>>this. Or is this all a pipe dream?
>>
>>
>
>I don't see what the problem is. PostgreSQL is perfectly able to be installed
>and run as any old user. Even if one is distributing via a package system, such
>as RPM perhaps, which has problems installing as non-root user if one sees the
>package already installed then there's no need to try to install it
>again. Even with the package installations there's bugger all stopping any old
>user doing an initdb -D myownplace.
>
>The standard postgres user on a system is only special in that it is generally
>the user the postmaster is run as. If you have other non-priviledged users and
>there's no need for them to share a cluster why try to make them?
>
>
I'm sorry, maybe I didn't state my ideas clearly enough. I was
following on to Tom Lane's suggestion that the Debian and RPM packages
make configuration "automatic". I was trying to explain that even after
installation, some administrator configuration is required to make the
server usable for non-privelidged users. Either in the form of creating
and dropping databases or in giving the users rights to do it themselves.
The way I'd like to make it work for my app is to run a seperate
postmaster as the user to avoid involving the machine administrator or
interfering with other users. If a shared install can be made to work
in an equivalent way, then I would rather go with that. I'm not clear
on whether that's possible though. My current understanding is that it
is not and that my original notion is the only way for my app.
