[Zope] RE: Postgres permissions with psycopyg
tillea@rki.de
tillea@rki.de
Wed, 20 Jun 2001 12:20:24 +0200 (CEST)
On Tue, 19 Jun 2001, Rene Pijlman wrote:
> > dbname=web
>
> No user name?
>
> >2001-06-19 14:05:24 [22300] DEBUG: connection: host=[local] user=www-data database=web
... as you see the user is the user running the Zope server
Is this a bad idea? If the answer is "yes" here I have to say that I
tried the same with username and password. The result was the same:
permission denied.
> >2001-06-19 14:05:43 [22300] ERROR: testtable: Permission denied.
>
> With PostgreSQL, operating system users don't get access automatically. You
> must create a PostgreSQL user to connect as (defaults to OS user) and grant
> privileges.
I did so. This is what I wanted to say with:
web=# grant all on testtable to "web-data" ;
CHANGE
which implies a "createuser web-data" at system prompt before.
web=# select usename from pg_user;
usename
----------
postgres
tillea
www-data
(3 rows)
> According to messages in the PostgreSQL list archive "www-data" is a special
> case, since PostgreSQL doesn't allow "-" in user names. I'm not sure if this
> still applies, since you mention a database user "web-data".
You just have to enclose the username in "". If not you get errors in the
grant clause.
> Just search the list on http://fts.postgresql.org/db/mw/ with "permission
> denied". E.g.:
> http://fts.postgresql.org/db/mw/msg.html?mid=53327
> http://fts.postgresql.org/db/mw/msg.html?mid=30785
I have looked at them and also tried to remap the username using pg_ident.conf
but nothing helped. May be I should ask those kind of questions on a
postgres-list ...
> And this of course (URL of local mirror):
> http://postgresql.demunnikservices.nl/users-lounge/docs/7.1/admin/user-manag
> .html
> http://postgresql.demunnikservices.nl/users-lounge/docs/7.1/admin/privileges
> .html
Well they are part of my Debian system but the things described there
I have done ...
Kind regards
Andreas.