[lug] postgres

George Sexton gsexton at mhsoftware.com
Thu May 8 13:11:01 MDT 2003

Why would you not use the built-in database security to grant rights within
the database?

-----Original Message-----
From: lug-admin at lug.boulder.co.us [mailto:lug-admin at lug.boulder.co.us]On
Behalf Of Hugh Brown
Sent: Thursday, May 08, 2003 9:37 AM
Subject: [lug] postgres

I am playing around with the version of postgres from rh9.  they added a
new column to the pg_hba.conf file that allows you to specify
users/groups that are allowed to connect.

My question is this.  I have a machine that will have multiple databases
within the instance of postgres.  new ones will be created to do
development, etc.

I have a particular database that I only want members of a certain group
to be able to access, but be able to allow anyone else to access any
other database.  I can't seem to find a way to do this.

so far I have

host specialdb +specialgroup   ip netmask md5
host specialdb +specialgroup md5
local specialdb +specialgroup    md5
host    all         all   md5
local   all         all                                             md5

which keeps anyone not on the local machine off, but any user on the
local machine can get to the specialdb regardless of their membership in

what I'd really like is a directive like:

host specialdb !+specialgroup   reject

but there doesn't seem to be one.  Anyone know how to be exclusive
rather than inclusive (which is how the documentation says to do it)?


Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: lug.boulder.co.us port=6667 channel=#colug

More information about the LUG mailing list