Postgresql 用户管理

一, 设置超级用户密码

 1  修改 pg_hba.conf 使超级用户postgres 可以登录到数据库中 

      host all all 127.0.0.1/32 trust

 2 修改 postgres 密码

   

$psql -U postgres -h 127.0.0.1
psql (9.6.4)
Type "help" for help.

postgres=#  ALTER USER postgres WITH PASSWORD 'new password';
ALTER ROLE

 

3 修改 pg_hba.conf 访问方式 md5

      host all all 127.0.0.1/32  md5

 常用 ident 默认 与 indent.conf 配合使用

         trust 信任 不需要密码

         reject 拒绝

         password 密码访问 明码

         md5   密码访问 加密**

 

4 测试登录

 

psql -U postgres -h 127.0.0.1
Password for user postgres: 
psql (9.6.4)
Type "help" for help.

postgres=#

 

二,新建用户及授权

 在postgres 中 user 和 role 没有区别,user比role多了一个login访问权限

postgres=# CREATE USER user1;
CREATE ROLE
postgres=# CREATE database db1;
CREATE DATABASE          
postgres=# GRANT ALL ON DATABASE db1 TO user1 ;
GRANT
postgres=# REVOKE ALL ON DATABASE db1 FROM user1;
REVOKE


postgres=# \l

List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
-------------------+----------+----------+-------------+-------------+-----------------------
db1  | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =Tc/postgres +
   |          |           |       |        | postgres=CTc/postgres+
   |        |      |             |             | user1=CTc/postgres


 
修改用户系统权限
postgres=# alter user db1 with superuser;
postgres=#\dg or \du

List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------------------+-----------
user1 | Superuser | {}
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}

 

postgres=# select * from pg_shadow ;
usename | usesysid | usecreatedb | usesuper | userepl | usebypassrls | passwd | valuntil | useconfig
----------+----------+-------------+----------+---------+--------------+-------------------------------------+----------+-----------
postgres | 10 | t | t | t | t | | |
user1 | 23981 | f | f | f | f | md5c1e4e02e1d5d60f463ab88f676383fb6 | |

 

posted @ 2017-08-29 11:41  Eamon13  阅读(313)  评论(0编辑  收藏  举报