Hi Jim, so IIUC, I will have to schedule a program on the server which reads all user information and if a new user is added it modifies the pg_hba.conf and reloads the server? thanks, -- csaba -----Original Message----- From: Jim C. Nasby [mailto:jnasby@xxxxxxxxxxxxx] Sent: Tuesday, November 29, 2005 12:46 AM To: Egy?d Csaba Cc: pgsql-general@xxxxxxxxxxxxxx Subject: Re: [GENERAL] Login limitation? On Sun, Nov 27, 2005 at 12:32:06PM +0100, Egy?d Csaba wrote: > Hi All, > > I'd like to know if there is a method to let a user login into only > predefined databases? I know that I could edit pg_hba.conf to achive > this, but > - there will be many databases on the server with the same structure > but with different data > - there will be "local admins" who must be able to create new "local users" > (of their own db) > - it is a win32 client application... so editing pg_hba.conf is not > too easy... > > So I'd need an administrative method (command?) which is capable to > define (in the server level) a set of databases (0, 1 or more) for > every user which she can login and prevent her from logging in to any > other databases. This data should be modified via SQL statements like GRANT. > > I tried to REVOKE all priviges from a user on a db, but the user still > able to login. Another question is that she can't do anything. > > Any ideas? I think you're basically stuck with pg_hba.conf. There's been some functions added to 8.1 that make it possible to do some more administrative stuff with config files via SQL, but I'm not sure if they'd cover this case. I can see where this could be a problem for people providing hosting; if enough other users request this functionality it might make it onto the TODO list. -- Jim C. Nasby, Sr. Engineering Consultant jnasby@xxxxxxxxxxxxx Pervasive Software http://pervasive.com work: 512-231-6117 vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.9/185 - Release Date: 2005.11.28.
