No subject


Mon Jan 7 09:52:59 UTC 2008


In openserdbctl.pgsql it seems that 

"sql_query "$1" "GRANT ALL PRIVILEGES ON DATABASE $1 TO $DBRWUSER;"

will allow the $DBRWUSER to play around with every tables created but it's not the case. Postgresql is not recursive when you grant rights.

We have to do something like this for the $DBRWUSER too..

        GRANT SELECT ON TABLE phonebook, pending, active_sessions, server_monitoring,
        server_monitoring_agg, usr_preferences_types, admin_privileges to $DBROUSER;"

but with more options than just SELECT.

We also need to add rights on the sequences created by the serial types (primary keys).


As it is, openserctl add user1 pass2 user at host  will fail since it cannot select the sequence associated with the id in the subscriber table.





----------------------------------------------------------------------

>Comment By: Henning Westerholt (henningw)
Date: 2008-01-16 14:45

Message:
Logged In: YES 
user_id=337916
Originator: NO

backported to 1.3

----------------------------------------------------------------------

Comment By: Henning Westerholt (henningw)
Date: 2008-01-10 12:47

Message:
Logged In: YES 
user_id=337916
Originator: NO

I've fixed this in the svn trunk. Please test!
Will be backported to 1.3 branch after some testing period.

Thanks and regards,

Henning

----------------------------------------------------------------------

Comment By: Nobody/Anonymous (nobody)
Date: 2008-01-10 07:27

Message:
Logged In: NO 

The old openser_postgresql script did exactly this. It defined the
sequences manually and granted rights. MAybe this was lost during
conversion to the new DB scripts.

klaus

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1867960&group_id=139143



More information about the Devel mailing list