Thread: Which version?

Which version?

From
"Herbie McDuck"
Date:
Will PostgreSQL latest version compile on a Linux 2.2.19 kernel?



Re: Which version?

From
Bruno Wolff III
Date:
On Wed, Jun 25, 2003 at 17:52:57 -0700,
  Herbie McDuck <herbie@faams.net> wrote:
> Will PostgreSQL latest version compile on a Linux 2.2.19 kernel?

It works on 2.2.16-4 from Redhat. It is unlikely the Kernel version
would be a problem anyway.

authentication questions

From
Michael Hanna
Date:
I have a pg7.3.3 on a computer that's available on the internet, and
behind a firewall.

on certain DBs, I want remote access via users who are not unix users
on the computer. Do I keep a table of users and passwords? I only want
them to be able to access information via a web browser(I have apache
running too, will use PHP or Tomcat, not sure. leaning towards PHP). I
looked through the pg_ident.conf docs..didn't seem to help much..

I also want to connect to the DB via openSSL. I have compiled openSSL
into my pg7.3.3, and mod_ssl is running on my apache..

I have the parts..just confused how to use them, any help or directions
would be much appreciated.
Michael


Re: authentication questions

From
"Mendola Gaetano"
Date:
----- Original Message -----
From: "Michael Hanna" <zen@hwcn.org>
To: "pgsql-novice" <pgsql-novice@postgresql.org>
Sent: Thursday, June 26, 2003 10:59 PM
Subject: [NOVICE] authentication questions


> on certain DBs, I want remote access via users who are not unix users
> on the computer. Do I keep a table of users and passwords?

When you create a DB user nobody oblige you to create also a
unix user, the table with username and passwd is a system table,
take a look at pg_shadow ( select * from pg_shadow ).


Regards
Gaetano


Re: authentication questions

From
Michael Hanna
Date:
ok, to avoid having too many users in pg_shadow, could I make a user
called 'webapp' in pg_shadow who had access to one particular DB only,
and this DB could contain a table of all the users who use that web
application? seems more efficient that way..

Michael

On Thursday, June 26, 2003, at 08:29  PM, Mendola Gaetano wrote:

> ----- Original Message -----
> From: "Michael Hanna" <zen@hwcn.org>
> To: "pgsql-novice" <pgsql-novice@postgresql.org>
> Sent: Thursday, June 26, 2003 10:59 PM
> Subject: [NOVICE] authentication questions
>
>
>> on certain DBs, I want remote access via users who are not unix users
>> on the computer. Do I keep a table of users and passwords?
>
> When you create a DB user nobody oblige you to create also a
> unix user, the table with username and passwd is a system table,
> take a look at pg_shadow ( select * from pg_shadow ).
>
>
> Regards
> Gaetano
>
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>


Re: authentication questions

From
"Mendola Gaetano"
Date:
"Michael Hanna" <zen@hwcn.org> wrote:
> ok, to avoid having too many users in pg_shadow, could I make a user
> called 'webapp' in pg_shadow who had access to one particular DB only,
> and this DB could contain a table of all the users who use that web
> application? seems more efficient that way..

In that way you have less controll on who is using the DB,
for example you can not use current_user in order to know
who is doing the query and you can not use the privileges on
tables, stored procedure, views.....
and last but not least why you are aware about "do not fill the
pg_shadow"?


Regards
Gaetano Mendola


Re: authentication questions

From
Michael Hanna
Date:
OK, but what if you have thousands of users in your pg_shadow table?
Can postgreSQL handle such a load?

Michael

On Friday, June 27, 2003, at 05:48  AM, Mendola Gaetano wrote:
>
> In that way you have less controll on who is using the DB,
> for example you can not use current_user in order to know
> who is doing the query and you can not use the privileges on
> tables, stored procedure, views.....
> and last but not least why you are aware about "do not fill the
> pg_shadow"?
>
>
> Regards
> Gaetano Mendola
>
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 9: the planner will ignore your desire to choose an index scan if
> your
>       joining column's datatypes do not match
>


Re: authentication questions

From
"Mendola Gaetano"
Date:
"Michael Hanna" <zen@hwcn.org> wrote:
> OK, but what if you have thousands of users in your pg_shadow table?
> Can postgreSQL handle such a load?

What change if instead you have thousand of user in your own table?
May be will be longer the identification process but not so longer then
have instead on user on that table.
BTW the table pg_shadow have an index on the column usename
and I believe that in the identification process you are asking if
the bottle-neck can be some think like:

select * from pg_shadow where usename = 'xxxxxxx';


I have a table that is similar to pg_shadow and the table handle
9823 rows, performing the query above take long 0.12 msec

I hope this help.

Regards
Gaetano Mendola



Re: authentication questions

From
Tom Lane
Date:
Michael Hanna <zen@hwcn.org> writes:
> OK, but what if you have thousands of users in your pg_shadow table?
> Can postgreSQL handle such a load?

A table with merely thousands of rows is generally in the "too small
to notice" category.  If you find any performance problems with
thousands of users, report them and we'll fix them.

            regards, tom lane