Re: Trigger when user logs in
| От | Ron |
|---|---|
| Тема | Re: Trigger when user logs in |
| Дата | |
| Msg-id | 106b546b-194a-36f6-b249-3f8dfb18c5bb@gmail.com обсуждение исходный текст |
| Ответ на | Re: Trigger when user logs in ("Peter J. Holzer" <hjp-pgsql@hjp.at>) |
| Список | pgsql-general |
On 4/14/19 4:05 AM, Peter J. Holzer wrote: > On 2019-04-13 22:22:16 -0500, Ron wrote: >> In our case, another looming Auditor requirement is to be able to instantly >> kick off -- or at least send a warning email -- when certain roles log in >> from unapproved IP addresses or programs. For example, service accounts >> should only be able to log in from IP addresses and certain applications. >> Humans logging in via service accounts using pgAdmin should, for example, be >> instantly kicked off. > If you want to prevent a user from logging in (which is functionally > equivalent but a bit stronger than "instantly kick off"), then this is > definitely something that could and should be implemented via PAM (I'm > not sure what information is passed to PAM, so you might get the IP > address Doesn't this require all Postgres roles to also be OS users? > but not the application name (the latter can't be trusted > anyway), for example). -- Angular momentum makes the world go 'round.
В списке pgsql-general по дате отправления: