How to specify "PG-USERNAME" in pg_ident.conf so that it'll match any database user ?

Posted by felace on Stack Overflow See other posts from Stack Overflow or by felace
Published on 2010-05-12T14:23:07Z Indexed on 2010/05/12 14:24 UTC
Read the original article Hit count: 137

Filed under:

I need to restrict a specific unix user so that it can login with only a few select postgres usernames (with password prompt), but allowing every other user to use whatever pg username they want.

Assuming restrUnixUser is the unix user name and restrUser is one of the postgres users it may use, and AllowedDB is the only database they should connect to :

pg_hba.conf :

local   AllowedDB       restrUser        password
local   all             restrUser        reject
local   all             all              ident map=exceptrestrUser

And pg_ident.conf :

exceptrestrUser      /^(?!restrUnixUser).*$       user1
exceptrestrUser      /^(?!restrUnixUser).*$       user2
exceptrestrUser      /^(?!restrUnixUser).*$       postgres

does what I exactly want to do right now, however, I'll probably add a lot more users so I wonder if there is something like

mapname unixuserpattern allpgusers

that'll match with whatever username used to login by any unix user matching the pattern.

© Stack Overflow or respective owner

Related posts about postgresql