On a server I have two databases ( say db1 and db2 ). I have a superuser called user1.
My requirement is to disable user1(super user) for database db1.
So that using user1 I can only connect to db2 and not to db1.
How can this be done.
Note : postgres version is 8.0 and both the databases are on same database cluster.
Remove their superuser rights entirely. Make them the owner of db2 (ALTER DATABASE db2 OWNER TO whatever_user), so they can do anything to db2 except limited superuser-only operations like loading C extensions.
You cannot restrict superusers. That's the point. Superuser-only operations are ones that break through the usual access control rules. For example, loading a user-defined C function allows you to write and load a function that opens pg_hba.conf and rewrites it, or just manipulates the system catalogs directly. Similarly, the adminpack functions let you do direct file system access, so they're superuser-only.
If they're a superuser, they can just read pg_hba.conf, see that your user ID has the right to log in to db1, then change your password then log in as you.
Asking to limit a superuser to one DB is like asking if you can make a user root, but only for one subdirectory. (OK, so with SELinux you can kind-of do that, but it's complicated).
If you truly must do this, the only way to do it is to split db1 and db2 into different PostgreSQL servers running under different unpriveleged system user IDs. Each has its own separate shared_buffers, data directory, listening (ip-address, port) combo, WAL, user IDs, database lists, etc. Since they're running under different system users they don't have the right to read or write each others' data directories, so they are isolated. They must listen on different ports and/or different IP addresses, though you can use PgBouncer to make them appear to be the same server to external clients.
Related
I am having a Postgres database deployed. When I connect to it using pgAdmin I see so many databases that I don't have access to and I haven't created at all.
The picture shows some of them. My actual database is one of them.
What are these database and why are they here? How can get rid of them? Can I just delete them without any problem?
If this is your database, then you better know what databases you have and why you have them.
One possibility is that you have lost control of your database, probably to cryptomining hackers (they do create databases with gibberish names).
You can delete the extra's, but the hackers will just keep on getting back in if you don't fix the underlying problem. You need to give good passwords to all your superuser accounts (and all non-superuser accounts too), block access to your database to all but white-listed hosts in pg_hba.conf, maybe block super-user access from all but localhost, as well as blocking access to 5432 on your firewall to all but trusted hosts. Any one of these might be sufficient, but you will be better off to do all 4 of these things.
I faced the same issue using Heroku Postgres addon...
The solution was setting DB Restriction in Advanced options.
Setting your database there you will only see your DB and not the other.
I am new to Oracle databases(I am using Oracle Database 11g Express Edition) and sqldeveloper. I have this doubt
When creating a new connection in sqldeveloper what is actually happening?
Creating a new database or connecting to an existing databasE?
If I create multiple connections are they pointing to a single database or different databases, if the later then how to choose a database name while creating a connection
You are establishing a connection to user (i.e. schema) which resides in an (Oracle) database. One database contains many users, so - create one connection per user.
Creating a connection does NOT create a new database; it is done differently. I don't think that 11gXE offers that option; you'd need a Standard or Enterprise Edition.
No problem if you use multiple databases (most of us do). I prefer keeping them in TNSNAMES.ORA file, in a directory used by the TNS_ADMIN environment variable. Currently, there are 94 databases I have access to, each of them having many users.
In your case, 11gXE is (probably) installed on your own computer, and you'll use one of its users (HR?), so - just connect to it. If it is locked, you'll have to unlock it first, though - in that case, create connection to SYS (don't forget to connect AS SYSDBA), then
ALTER USER hr ACCOUNT UNLOCK;
ALTER USER hr IDENTIFIED BY hr;
and then create connection to "hr" whose password is now set to "hr" (all lower case).
I am trying to setup Postgres 9.3 on an Ubuntu 14 server, and I'm feeling pretty demoralised at this point. I've previously used MySQL, so I'm happy with general database concepts, as well as client/server models etc.
I start with two users - 'root' and 'sam' (me). As 'sam' I install postgresql using apt-get. This also creates a third user called 'postgres'.
Fine.
I'm told that to use postgres you must be logged in as the postgres user, so I switch to that account. Apparently this comes with a postgres admin role (I think I'm fine with the concept of roles per se), and apparently all roles have an associated database of the same name (?). So now I have a Linux account called postgres, a role called postgres, and a database called postgres? This all seems needless but I'm assuming it's useful for reasons I don't know about (not meant sarcastically - this is usually the case when things seem overly complicated at first).
So, to create a database, do I login to the server as postgres, start postgres by typing 'psql' (which doesn't ask for a password - why doesn't the postgres account have a password?) and proceed from there? Or should I create a new role? Does that role need its own Linux user? Should the role be the same name as the database I want to create?
I appreciate this is a bit of a jumble, but my confusion is such that I'm not even sure I understand the fundamentals here. I miss MySQL.
I've been mainly using the DigitalOcean tutorial for this - which are usually very good - but it didn't really make any of this clear. I also read the postgres docs (specifically the installation and users/roles sections) which didn't help, and the google results for this are even less helpful.
This is my last hope before I go back to the safety blanket of MySQL. Any suggestions for making this click?
OS usernames and Postgres DB usernames are not related; they live in seperate universes.
one exception: if you connect from the same machine via the unix-domain socket, and you don't explicitely specify a username, your OS name is assumed to be your DB-username, too. (which in most cases is not correct)
second exception: the "postgres" username is used both as an OS-username (owner of the files, uid of the running processes) and as the DBMS superuser.
Note: "root" is a bad name for a DB-user.
I created a Firebird database by an account other than sysdba. If I put a copy of this db to another machine, I can open it by sysdba account and the 'masterkey' password. Thus this is real risk if some one can take a copy of it.
Is there some way to prevent this scenario?
The user that created a database is "just" the owner of the database, the sysdba user is administrator and is allowed to do anything to all databases on a Firebird server. This is a very good reason to never use masterkey as your password on a production server.
The usernames and passwords in Firebird 2.5 and earlier are stored in a security database (security2.fdb) that is part of the Firebird installation. So moving a database to another server (or replacing the security2.fdb) will allow "unauthorized" persons to access the database. Note that I put unauthorized in quotes here, because if a person has direct file access so they are able to make a copy of the database, or replace the security2.fdb, they have sufficient authorization on your server to do anything they want (or the security of your system has been breached).
In Firebird 3, it will be possible to store users in the database itself, but this still requires server-side configuration, so - as far as I know - this will not restrict much in this scenario. Firebird 3 will also provide support for database encryption which could allow you to only give access on a specific server, or with users that provide a specific key. Unfortunately Firebird 3 only provides the API, but not the encryption. That is left to users or library providers to implement.
There is also a trick to create a role with the name SYSDBA in your database which will prevent a user with username sysdba to connect to the database. But this is easy to circumvent by using a hex editor and some knowledge of the internal structure of a Firebird database to undo this. If the person really wants access to your data, they can also just compile a Firebird server that skips or ignores authentication.
All in all, this means that if someone has direct access to the database file, then they can create a copy and open it on another Firebird install one way or another. So the only real way to protect a database file is to make sure that users can only access the database through the Firebird server, don't have direct access to the database files and - except admins - are not able to create a backup of the database.
Even if users only have access through the server, they can still make a logical copy of the entire database structure, and all data they are allowed to access.
Consider reading Firebird File and Metadata Security
Two developers often share the same system, and both have local copies of the project and try to connect to a local database. Both users can see the database, but tables and their data are only visible to the database's original author.
We've tried giving all permissions to both users, but it seems the only thing that works is to duplicate the database.
Is there a way around this?
Thanks in advance!
You would probably be better off hosting a separate MySQL instance on it's own machine, and then configure your code to connect to that database instead of the MAMP-hosted one. That being said, you will need to open the port on the firewall of the MAMP(0) for the MAMP-MySQL (usually port 8889). Then, the script on the MAMP(1) needs to be configured to connect to MAMP(0) database on the newly opened port.
You will also need to GRANT privileges for user(1) on the MAMP-host(0) database.
A connect string from MAMP(1) would look like:
$db_url = 'mysqli://user:password#mamp0.local:8889/es_forms_drupal';
Hopefully that makes some sense.