Thread: AW: \c connects as another user instead I want in psql

AW: \c connects as another user instead I want in psql

From

Zeugswetter Andreas SB

Date:

03 May 2001, 12:42:46

> >> Is it possible that 1060 and 1092 have the same usesysid 
> in pg_shadow?
> 
> > Hmmm. That was the problem. Thanks! By the way, could you 
> please define a
> > unique constraint on column 'usesysid' in future in PostgreSQL?
> 
> Yup, there should be one (and one on usename, too).  Not sure why it's
> been overlooked so far.

The usesysid was originally intended to map pg users to unix accounts.
I do not see why it should not be possible to map different pg users
to a single unix account. The above imho stems from an improper use of this 
column which needs to be fixed, not the column made unique.

Andreas

Re: AW: \c connects as another user instead I want in psql

From

Tom Lane

Date:

03 May 2001, 13:29:53

Zeugswetter Andreas SB  <ZeugswetterA@wien.spardat.at> writes:
> The usesysid was originally intended to map pg users to unix accounts.
> I do not see why it should not be possible to map different pg users
> to a single unix account. The above imho stems from an improper use of this 
> column which needs to be fixed, not the column made unique.

No.  I'm not sure whether or not I believe the comment about Unix
accounts; Postgres does not care about Unix accounts, and never has
to my knowledge.  But it has always used the usesysid as owner
identification for database objects (tables etc).  If two different
users have the same usesysid then they are both the owner of these
objects; moreover they are interchangeable for permissions checks, too.
This is not a situation that has any practical use AFAICS.

There has been some talk of eliminating usesysid entirely in favor of
using the OID of the pg_shadow entry as the user's ID for ownership
identification.  If that happens, we'd want a unique index on OID
instead.
        regards, tom lane

Re: AW: \c connects as another user instead I want in psql

From

Ian Lance Taylor

Date:

03 May 2001, 19:06:19

Tom Lane <tgl@sss.pgh.pa.us> writes:

> No.  I'm not sure whether or not I believe the comment about Unix
> accounts; Postgres does not care about Unix accounts, and never has
> to my knowledge.  But it has always used the usesysid as owner
> identification for database objects (tables etc).  If two different
> users have the same usesysid then they are both the owner of these
> objects; moreover they are interchangeable for permissions checks, too.
> This is not a situation that has any practical use AFAICS.

On Unix it is reasonable to have multiple users with the same user ID.
You do this when they play the same role, but it is useful to
distinguish them for logging purposes.  They have different passwords,
of course, and logging code uses getlogin() to get the login name they
used.

I can imagine something similar within Postgres, using triggers to
record log information when changes are made.

Whether this is a feature worth having, I don't know.  But there is at
least one practical use.

Ian

---------------------------(end of broadcast)---------------------------
TIP 924: Good news from afar can bring you a welcome visitor.