Re: Modifying pg_shadow? - Mailing list pgsql-novice
| From | Jason Hihn |
|---|---|
| Subject | Re: Modifying pg_shadow? |
| Date | |
| Msg-id | NGBBLHANMLKMHPDGJGAPEENDCMAA.jhihn@paytimepayroll.com Whole thread Raw |
| In response to | Re: Modifying pg_shadow? (Oliver Fromme <olli@lurza.secnetix.de>) |
| List | pgsql-novice |
> -----Original Message----- > From: pgsql-novice-owner@postgresql.org > [mailto:pgsql-novice-owner@postgresql.org]On Behalf Of Oliver Fromme > Sent: Tuesday, September 09, 2003 11:55 AM > To: Jason Hihn > Cc: pgsql-novice@postgresql.org > Subject: Re: [NOVICE] Modifying pg_shadow? > > > > Jason Hihn wrote: > > "Chapter 9. Backup and Restore": > > pg_dump dbname > outfile > > That'll backup a complete database. > > > What's the dbname for the system tables? > > There is none. The system tables are always visible, no > matter which DB you're connected to. That's why they are > system tables ... > > > The -g option of pg_dumpall only > > does users and groups. No other tables. (Eek!) > > What other information do you need to be dumped? Users and > groups are the _only_ global (i.e. cluster-wide) objects, > as far as I have learned. Everything else is related to a > specific database, so it will be dumped along with that > database when you use pg_dump. > OOOh. > > Ah, wonderful. This is what I was looking for. Though in the > past I've used > > databases where I wouldn't have to parse this text. It was > quite easy and > > fun to work with as tuple data. *wink* > > In my opinion it shouldn't be visible at all, because it > encourages all kinds of abuse ... Abuse? I guess you could find out who as access to what and limit your pasword guessing t a few accounts, but even then it's just a matter of time. > > Ok, so I have a question If I have 2 databases, a and b, and > they both have > > a table, c, how do I grant permissions only to table a.t and > not both tables > > in both databases at the same time? The intituve answer is not > correct - > > that 'ON a.t ...' does not work. > > You're always connected to one database. A GRANT command > will affect only that database, nothing else. Even when > you issue GRANT on system tables (which are visible in > every database), the change will only affect the database > you're connected to. I learned that a few days ago, thanks > to Tom Lane. :-) That would be a worth while addition to the docs - that it effects only the currently connected database. > > > However, in your case, it might be beneficial to store the > > > data about users in your own database, in a format which is > > > suitable for your use. You can then generate grant/revoke > > > commands from that if necessary. It would also be a lot > > > more portable than depending on the internal structure of > > > PG system tables. > > > > I really don't want to have to re-invent the wheel here. > > Well, if you prefer to use ready-made wheels which are > square instead of round ... ;-) Well, I'd rather use your wheel and knock off a few corners... Thanks to everyone - I think all my questions for now are solved!
pgsql-novice by date: