Re: [general] Permissions

PostgreSQL has, it seems, a somewhat weak permissions system, although it
definately gets the job done.

What you can do is have a seperate pg_hba.conf entry for every user/database
combination you would like to be able to connect. To make this work, make a
seperate password file for each user using pg_passwd. Lets say you call two
files a_passwd and b_passwd (in accordance with your example), then make the
lines:

local    x    crypt a_passwd
local    y    crypt a_passwd
local    z    crypt a_passwd
local    m    crypt b_passwd
local    n    crypt b_passwd
local    o    crypt b_passwd

Do not make a password record in a_passwd for b, and do not make a record in
b_passwd for a. Make sure to put the *_passwd files in the same directory as
pg_hba.conf (where they will be found).

Note: I did not actually try this, as that would require changing around all
of my permissions for my database. It should work, however. You can also make
these host-based lines in order to allow connections from another host.

Regards,
    Jeff Davis

On Sunday 11 November 2001 09:12 pm, you wrote:
> How do I set up my pg_hba.conf file to allow user "a" to only
> have access to databases x, y, and z; and user "b" to only have
> access to databases m, n, and o?  The pgident authentication
> mechanism looks like the best candidate, but it does not seem
> to quite meet the requirements.
>
> Thanks,