[Dbconfig-common-devel] Read only access for all users to database
Kip Warner
kip at thevertigo.com
Fri Jun 10 20:28:10 UTC 2016
On Fri, 2016-06-10 at 09:52 +0200, Paul Gevers wrote:
> The other day I had an idea. Maybe what you are looking for is the
> native support that dbconfig-common has for install/upgrade scripts.
> What you could do is feed dbconfig-common with a script, check if the
> database is localhost and then do what you want.
>
> On the other hand, you may be looking for a native PostgreSQL
> solution
> to grant the access to all users. I.e. what I assume you want is that
> when a user gets added to the system, he automatically has access. I
> wouldn't know how to do that.
Hey Paul,
Probably a good idea to check that the user is installing to localhost.
If they are, then using the following within your postinst hook works
perfectly:
...
sed -i -r "s/\s*map_all_myapplication\s*\/\.\*\s*myapplication\s*//" /etc/postgresql/9.5/main/pg_ident.conf
sed -i -r "s/\s*local\s*all\s*all\s*ident\s*map=map_all_myapplication\s*//" /etc/postgresql/9.5/main/pg_hba.conf
echo "map_all_myapplication /.* myapplication" >> /etc/postgresql/9.5/main/pg_ident.conf
sed -i -r "s/(local\s*all\s*all\s*peer)/#\1/" /etc/postgresql/9.5/main/pg_hba.conf
...
Yours truly,
--
Kip Warner -- Senior Software Engineer
OpenPGP encrypted/signed mail preferred
http://www.thevertigo.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/dbconfig-common-devel/attachments/20160610/1950b580/attachment.sig>
More information about the Dbconfig-common-devel
mailing list