Hi all,
I am working on an installer for my program that creates a postgres
database and user (the installer is written in perl and runs as 'root').
I want to find a way to let the user set the password on the new
database and have postgres actually ask for it without editing the
default 'pg_hba.conf' file, if at all possible.
I know how to set the password on the user:
CREATE USER "foo" WITH PASSWORD 'secret' CREATEDB NOCREATEUSER;
and from what I can tell there is no way to put a password on a
database. I create the database using:
CREATE DATABASE "bar" OWNER "foo";
From what I read in the docs, this *should* limit access to the 'bar'
database to only the 'postgres' and 'foo' (I can't find now where in the
postgres docs I read that so I may be wrong).
The problems are:
- Connections are limited to the matching system account ('foo' in
this case) which is good, but it doesn't require the password to connect.
- A normal user connected to another database can switch to the 'bar'
database using '\c foo' without requiring a password.
When I have played with the 'pg_hba.conf' file by adding the line:
# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
# Database administrative login by UNIX sockets
local bar foo md5
local all postgres ident sameuser
I find that when I try to connect to the DB 'bar' as the system user
'foo' I *do* get prompted for the password. However, when I try
connecting as another user I get in without being prompted for a
password at all.
Any help with this would be much appreciated!
Madison
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Madison Kelly (Digimer)
TLE-BU; The Linux Experience, Back Up
Main Project Page: http://tle-bu.org
Community Forum: http://forum.tle-bu.org
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
