How to specify "PG-USERNAME" in pg_ident.conf so that it'll match any database user ?

Posted by felace on Stack Overflow See other posts from Stack Overflow or by felace
Published on 2010-05-12T14:23:07Z Indexed on 2010/05/12 14:24 UTC
Read the original article Hit count: 132

Filed under:

postgresql

I need to restrict a specific unix user so that it can login with only a few select postgres usernames (with password prompt), but allowing every other user to use whatever pg username they want.

Assuming restrUnixUser is the unix user name and restrUser is one of the postgres users it may use, and AllowedDB is the only database they should connect to :

pg_hba.conf :

local   AllowedDB       restrUser        password
local   all             restrUser        reject
local   all             all              ident map=exceptrestrUser

And pg_ident.conf :

exceptrestrUser      /^(?!restrUnixUser).*$       user1
exceptrestrUser      /^(?!restrUnixUser).*$       user2
exceptrestrUser      /^(?!restrUnixUser).*$       postgres

does what I exactly want to do right now, however, I'll probably add a lot more users so I wonder if there is something like

mapname unixuserpattern allpgusers

that'll match with whatever username used to login by any unix user matching the pattern.

Related posts about postgresql

Postgresql fails to start on Ubuntu 10.04.4 LTS

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed postgresql 9.2 from add-apt-repository ppa:pitti/postgresql using apt-get install postgresql-9.2 At the end of the install and every time I try to launch postgresql by using the following command /etc/init.d/postgresql start or service postgresql start I get this error: Error:… >>> More
can't install psycopg2 in my env on mac os x lion

as seen on Server Fault - Search for 'Server Fault'
I tried install psycopg2 via pip in my virtual env, but got this error: ld: library not found for -lpq (full log here: http://pastebin.com/XdmGyJ4u ) I tried install postgres 9.1 from .dmg and via port, (gksks)iMac-Alexander:~ lorddaedra$ locate libpq /Developer/SDKs/MacOSX10.7.sdk/usr/include/libpq /Developer/SDKs/MacOSX10… >>> More
Postgresql has broken apt-get on Ubuntu

as seen on Super User - Search for 'Super User'
On ubuntu 12.04, whenever I try to install a package using apt-get I'm greeted by: The following packages have unmet dependencies: postgresql-9.1 : Depends: postgresql-client-9.1 but it is not going to be instal led E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a so lution)… >>> More
Installing PostgreSQL on FreeBSD (with ports)

as seen on Server Fault - Search for 'Server Fault'
Hey everyone, I am trying to install (using ports) PostgreSQL on a virtual server, running FreeBSD. My one question is this: Which of the following should I install? postgresql-contrib postgresql-docs postgresql-jdbc postgresql-libpgeasy postgresql-libpq++ postgresql-libpqxx postgresql-odbc … >>> More
Strange permission errors in new PostgreSQL installation

as seen on Server Fault - Search for 'Server Fault'
A freshly installed PostgreSQL (with configuration overwritten) won't start: $ sudo service postgresql start * Starting PostgreSQL 9.1 database server * Error: could not read /etc/postgresql/9.1/main/postgresql.conf: Permission denied Looks like it should be able to read it though: $ ls -l postgresql… >>> More

Developer IT