473,406 Members | 2,698 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > postgresql database > questions > confused by superuser-definition

Join Bytes to post your question to a community of 473,406 software developers and data experts.

confused by superuser-definition

hello,

i'm rather new to postgresql and am now standing in front of a big problem.

if i want to host my database on any provider out there, i don't now see
any chance to get my own right to insert new users into my db. because:
i'd only be able to do this, when i had the rights to "createuser", but
that would mean, that i'd have the superuser-rights for the whole db's
in "public" - if there is only this base-schema.

do i understand this right?

if yes: what is a common approach to manage just own users if there is
the situation, that i have a changing amount of them?

btw: why isn't it possible to have (in a future release) a
createuser-right just for single databases and to have one
root/super-user for everydb?

greetings from today very sunny autria
hans

---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend

Nov 23 '05 #1
2 1682
zu****@iname.com wrote:
hello,

i'm rather new to postgresql and am now standing in front of a big problem.

if i want to host my database on any provider out there, i don't now see
any chance to get my own right to insert new users into my db. because:
i'd only be able to do this, when i had the rights to "createuser", but
that would mean, that i'd have the superuser-rights for the whole db's
in "public" - if there is only this base-schema.

do i understand this right?
Well - what does the contract with your provider state? Do you get one
user or as many as you like? It's common to get one DB and one user.
if yes: what is a common approach to manage just own users if there is
the situation, that i have a changing amount of them?
Usually a simple wrapper - command-line or web-form. Checks you can only
add users to a given database.
btw: why isn't it possible to have (in a future release) a
createuser-right just for single databases and to have one
root/super-user for everydb?


No particular reason AFAIK. Someone was suggesting it on the hackers
list, but I'm not sure if anything came of it. If you are really
interested, check the archives on the hackers list and see what happened.

--
Richard Huxton
Archonet Ltd

---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

Nov 23 '05 #2
zu****@iname.com wrote:
hello,

i'm rather new to postgresql and am now standing in front of a big
problem.

if i want to host my database on any provider out there, i don't now
see any chance to get my own right to insert new users into my db.
because: i'd only be able to do this, when i had the rights to
"createuser", but that would mean, that i'd have the
superuser-rights for the whole db's in "public" - if there is only
this base-schema.

do i understand this right?


No.

-- Function: create_user(name)

CREATE OR REPLACE FUNCTION create_user(name)
RETURNS bool AS
'
DECLARE
PWD VARCHAR;
CMD VARCHAR;
BEGIN
PWD := \'INITIALPWD\';
IF EXISTS(SELECT * FROM pg_user WHERE usename = $1) THEN
RETURN FALSE;
END IF;
CMD := \'CREATE USER "\' || $1 || \'" WITH ENCRYPTED PASSWORD \' || PWD\';
EXECUTE CMD;
RETURN TRUE;
END;
'
LANGUAGE 'plpgsql' VOLATILE SECURITY DEFINER;

-- Note: "SECURITY DEFINER". This function was created by a user that
does have create user privileges.

--Berend Tober


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 23 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
backup / superuser only
by: Rudy Metzger | last post by:
------_=_NextPart_001_01C34573.71AC6F2C Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Dear all, =20 Is there a way to start mysqld in a way,...
MySQL Database
27
I'm confused about encryption
by: MLH | last post by:
Silly me. I thought that if I clicked Tools, Security, Encrypt database MyDB.mdb to Ncrypt.mdb I would not be able to read the module code if opening Ncrypt.mdb inside A97 later. I've found that...
Microsoft Access / VBA
1
When I used "application/vnd.ms-excel" to export table's content to Excel file. It would be showed between "Confused" words and normally words randomly.How can i sloved it?
by: Benny Ng | last post by:
Hi,All, Export Method: ------------------------------------------------------------------------- strFileNameExport = "Results" Response.Clear() Response.Buffer = True...
C# / C Sharp
1
Non-superuser connection limit exceeded
by: marcelo Cortez | last post by:
Hi folks My application fail with 'Non-superuser connection limit exceeded' error , the client application is connected via ODBC AND GPF MESSAGE appear there. the 'Non-superuser connection...
PostgreSQL Database
10
How to time several queries?
by: nd02tsk | last post by:
Hello I know it is possible to time isolated queries through the settting of the \timing option in psql. This makes PgSQL report the time it took to perform one operation. I would like to...
PostgreSQL Database
1
superuser equality
by: Ed L. | last post by:
I'd like to have a DB client connect using a username ('psuedodba') different from the creator/owner ('dba') of the DB and its tables, but still have that username be able to do everything the...
PostgreSQL Database
1
Login to a remote solaris machine as superuser through perl
by: james2 | last post by:
I am trying to write a perl script that will do remote machine. I have done user loging using simple command; $telnet->login('test', 'test123'); But now I want to do root login or superuser...
Perl
26
Confused by mysqli
by: Dodger | last post by:
Okay, background... yes, I am another of those evil, spurned, damnable Perl mongers, but I'm not trying to start a flamewar, I'm juust tryung to understand something... I can write a script in...
PHP
2
confused listview.items during itemChecked Event
by: Peter | last post by:
Hi, I have a problem with Listview using checkboxes. If i check items by code BEFORE the form is shown the Listview.Items are confused during the ItemChecked Event !!! After showing the...
C# / C Sharp
2
Running function as superuser
by: ildiff | last post by:
How I can run a function written in plpgsql as superuser when I'm logged into the database as normal user with a restrict access to tables?
PostgreSQL Database
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!