On Sunday 21 March 2010 02.01:27 Scott Mead wrote: > On Sat, Mar 20, 2010 at 5:24 PM, Adam Seering <aseering@xxxxxxx> wrote: > > Hi, > > > > I'm trying to set up an internal general-purpose PostgreSQL > > server > > > > installation. I want most users with login access to the server to be > > able to create databases, but only with names that follow a specified > > naming convention (in particular, approximately "is prefixed with the > > owner's username"). A subset of administrative users can create users > > with any name. The goal is to let users create arbitrary databases, > > but to force them to get approval for names that someone else (or some > > other service) might conceivably want. > > > > Is there any way to enforce this within PostgreSQL? Maybe > > something > > > > like a trigger on CREATE DATABASE, if that's possible? > > Hmmm... nothing like that I'm afraid... > > But, you could possibly make a shell script to the 'createdb' > executable that would force a name-style, but even then, for any user to > be able to successfully run the command, they need database logon / > create database privs, so if someone : cat `which createdb` and you had > made a script, they'd see what you were up to. It may be a way to get > started though. Extending this: have your users not have createdb permission and write this script as a suid program. cheers -- vbi > > --Scott M -- this email is protected by a digital signature: http://fortytwo.ch/gpg
Attachment:
signature.asc
Description: This is a digitally signed message part.
