How to specify "PG-USERNAME" in pg_ident.conf so that it'll match any database user ?
Posted
by felace
on Stack Overflow
See other posts from Stack Overflow
or by felace
Published on 2010-05-12T14:23:07Z
Indexed on
2010/05/12
14:24 UTC
Read the original article
Hit count: 137
postgresql
I need to restrict a specific unix user so that it can login with only a few select postgres usernames (with password prompt), but allowing every other user to use whatever pg username they want.
Assuming restrUnixUser is the unix user name and restrUser is one of the postgres users it may use, and AllowedDB is the only database they should connect to :
pg_hba.conf :
local AllowedDB restrUser password
local all restrUser reject
local all all ident map=exceptrestrUser
And pg_ident.conf :
exceptrestrUser /^(?!restrUnixUser).*$ user1
exceptrestrUser /^(?!restrUnixUser).*$ user2
exceptrestrUser /^(?!restrUnixUser).*$ postgres
does what I exactly want to do right now, however, I'll probably add a lot more users so I wonder if there is something like
mapname unixuserpattern allpgusers
that'll match with whatever username used to login by any unix user matching the pattern.
© Stack Overflow or respective owner