DefineUser(CreateUserStmt *stmt)
{
- char *pg_user;
+ char *pg_shadow;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
* Make sure the user attempting to create a user can insert into the
* pg_shadow relation.
*/
- pg_user = GetPgUserName();
- if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK)
+ pg_shadow = GetPgUserName();
+ if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "defineUser: user \"%s\" does not have SELECT and INSERT privilege for \"%s\"",
- pg_user, ShadowRelationName);
+ pg_shadow, ShadowRelationName);
return;
}
AlterUser(AlterUserStmt *stmt)
{
- char *pg_user;
+ char *pg_shadow;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
* Make sure the user attempting to create a user can insert into the
* pg_shadow relation.
*/
- pg_user = GetPgUserName();
- if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK)
+ pg_shadow = GetPgUserName();
+ if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "alterUser: user \"%s\" does not have SELECT and UPDATE privilege for \"%s\"",
- pg_user, ShadowRelationName);
+ pg_shadow, ShadowRelationName);
return;
}
RemoveUser(char *user)
{
- char *pg_user;
+ char *pg_shadow;
Relation pg_shadow_rel,
pg_rel;
TupleDesc pg_dsc;
* Make sure the user attempting to create a user can delete from the
* pg_shadow relation.
*/
- pg_user = GetPgUserName();
- if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK)
+ pg_shadow = GetPgUserName();
+ if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "removeUser: user \"%s\" does not have SELECT and DELETE privilege for \"%s\"",
- pg_user, ShadowRelationName);
+ pg_shadow, ShadowRelationName);
return;
}
* tables, views, etc owned by the user.
*
* The second option would be to create a means of deleting tables, view,
- * etc. owned by the user from other databases. Pg_user is global and
+ * etc. owned by the user from other databases. pg_shadow is global and
* so this must be done at some point.
*
* Let us not forget that the user should be removed from the pg_groups
# by the host. If AUTH_ARGUMENT is specified then the password is
# compared with the user's entry in that file (in the $PGDATA
# directory). See pg_passwd(1). If it is omitted then the
-# password is compared with the user's entry in the pg_user table.
+# password is compared with the user's entry in the pg_shadow
+# table.
#
# crypt: Authentication is done by matching an encrypted password supplied
-# by the host with that held for the user in the pg_user table.
+# by the host with that held for the user in the pg_shadow table.
#
# krb4: Kerberos V4 authentication is used.
#
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/alter_user.l,v 1.1 1998/01/25 07:42:00 scrappy Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/alter_user.l,v 1.2 1998/03/06 18:02:49 momjian Exp $
.TH "ALTER USER" SQL 01/26/98 PostgreSQL PostgreSQL
.SH NAME
alter user -- alter user account information within a PostgreSQL instance
please see the create_user(l) manual page. Please note that it is not
possible to alter a user's usesysid via the alter user statement. Also,
it is only possible for the postgres user or any user with read and modify
-permissions on pg_user to alter user passwords.
+permissions on pg_shadow to alter user passwords.
If any of the clauses of the alter user statement are omitted, the
-corresponding value in the pg_user relation is left unchanged.
+corresponding value in the pg_shadow relation is left unchanged.
This statement can be used to modify users created with createuser(1).
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/catalogs.3,v 1.3 1998/01/11 22:17:06 momjian Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/catalogs.3,v 1.4 1998/03/06 18:03:02 momjian Exp $
.TH "SYSTEM CATALOGS" INTRO 03/13/94 PostgreSQL PostgreSQL
.SH "Section 7 - System Catalogs"
.de LS
\fBname\fP \fBshared/local\fP \fBdescription\fP
pg_database shared current databases
pg_group shared user groups
- pg_user shared valid users
+ pg_shadow shared valid users
.LE
.SH "RULE SYSTEM CATALOGS"
.LS
int2 grolist[1] /* list of usesysids of group members */
.fi
.nf M
-pg_user
+pg_shadow
NameData usename /* user's name */
int2 usesysid /* user's UNIX user id */
bool usecreatedb /* can user create databases? */
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/create_user.l,v 1.1 1998/01/25 07:42:01 scrappy Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/create_user.l,v 1.2 1998/03/06 18:03:21 momjian Exp $
.TH "CREATE USER" SQL 01/26/98 PostgreSQL PostgreSQL
.SH NAME
create user -- create a new user within a PostgreSQL instance
.SH DESCRIPTION
.BR "create user"
will add a new user to an instance of PostgreSQL. The new user will be
-given a usesysid of 'SELECT max(usesysid) + 1 FROM pg_user'. This means
+given a usesysid of 'SELECT max(usesysid) + 1 FROM pg_shadow'. This means
that a PostgreSQL user's usesysid will not correspond to their operating
system(OS) user id. The exception to this rule is the 'postgres' user,
whose OS user id is used as the usesysid during the initdb process. If
user, then use the createuser(1) script provided with the PostgreSQL
distribution.
-The 'with password' clause sets the user's password within the pg_user
-relation. For this reason, pg_user is no longer accessible to the
+The 'with password' clause sets the user's password within the pg_shadow
+relation. For this reason, pg_shadow is no longer accessible to the
'public' group. Please note that when initdb(1) is executed for an
instance of PostgreSQL that the postgres user's password is initially set
-to NULL. When a user's password in the pg_user relation is NULL, then
+to NULL. When a user's password in the pg_shadow relation is NULL, then
user authentication proceeds as it historically has (HBA, PG_PASSWORD,
etc). However, if a password is set for a user, then a new authentication
system supplants any other configured for the PostgreSQL instance, and the
-password stored in the pg_user relation is used for authentication. For
+password stored in the pg_shadow relation is used for authentication. For
more details on how this authentication system functions see pg_crypt(3).
If the 'with password' clause is omitted, then the user's password is set
to the empty string with equates to a NULL value in the authentication
Finally, the 'valid until' clause sets an absolute time after which the
user's PostgreSQL login is no longer valid. Please note that if a user
-does not have a password defined in the pg_user relation, then the valid
+does not have a password defined in the pg_shadow relation, then the valid
until date will not be checked during user authentication. If this clause
-is omitted, then a NULL value is stored in pg_user for this attribute, and
+is omitted, then a NULL value is stored in pg_shadow for this attribute, and
the login will be valid for all time.
.SH EXAMPLES
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/createuser.1,v 1.6 1998/01/26 01:42:44 scrappy Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/createuser.1,v 1.7 1998/03/06 18:03:31 momjian Exp $
.TH CREATEUSER UNIX 11/05/95 PostgreSQL PostgreSQL
.SH NAME
createuser - create a Postgres user
.SH DESCRIPTION
.IR Createuser
creates a new Postgres user. Only users with \*(lqusesuper\*(rq set in
-the \*(lqpg_user\*(rq class can create new Postgres users. As shipped,
+the \*(lqpg_shadow\*(rq class can create new Postgres users. As shipped,
the user \*(lqpostgres\*(rq can create users.
.PP
.IR Createuser
port. If your site uses an authentication system, ensure that you
have obtained the required authentication credentials.
.TP
-.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_user\*(rq"
-You do not have a valid entry in the relation \*(lqpg_user\*(rq and
+.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_shadow\*(rq"
+You do not have a valid entry in the relation \*(lqpg_shadow\*(rq and
cannot do anything with Postgres at all; contact your Postgres site
administrator.
.TP
site administrator.
.TP
.BI "user \*(lq" "username" "\*(rq already exists"
-The user to be added already has an entry in the \*(lqpg_user\*(rq
+The user to be added already has an entry in the \*(lqpg_shadow\*(rq
class.
.TP
.BR "database access failed"
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/destroyuser.1,v 1.6 1998/01/26 01:42:46 scrappy Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/destroyuser.1,v 1.7 1998/03/06 18:03:35 momjian Exp $
.TH DESTROYUSER UNIX 11/05/95 PostgreSQL PostgreSQL
.SH NAME
destroyuser - destroy a Postgres user and associated databases
.IR Destroyuser
destroys an existing Postgres user and the databases for which that user
is database administrator. Only users with \*(lqusesuper\*(rq set in
-the \*(lqpg_user\*(rq class can destroy new Postgres users. As shipped,
+the \*(lqpg_shadow\*(rq class can destroy new Postgres users. As shipped,
the user \*(lqpostgres\*(rq can destroy users.
.PP
.IR Destroyuser
port. If your site uses an authentication system, ensure that you
have obtained the required authentication credentials.
.TP
-.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_user\*(rq"
-You do not have a valid entry in the relation \*(lqpg_user\*(rq and
+.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_shadow\*(rq"
+You do not have a valid entry in the relation \*(lqpg_shadow\*(rq and
cannot do anything with Postgres at all; contact your Postgres site
administrator.
.TP
administrator.
.TP
.BI "user \*(lq" "username" "\*(rq does not exist"
-The user to be removed does not have an entry in the \*(lqpg_user\*(rq
+The user to be removed does not have an entry in the \*(lqpg_shadow\*(rq
class.
.TP
.BR "database access failed"
.\" This is -*-nroff-*-
.\" XXX standard disclaimer belongs here....
-.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_dumpall.1,v 1.3 1998/01/11 22:17:47 momjian Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_dumpall.1,v 1.4 1998/03/06 18:03:37 momjian Exp $
.TH pg_dumpall UNIX 1/20/96 PostgreSQL PostgreSQL
.SH NAME
pg_dumpall - dumps out all Postgres databases into a script file
.SH DESCRIPTION
.IR "pg_dumpall"
is a utility for dumping out all Postgres databases into one file.
-It also dumps the pg_user table, which is global to all databases.
+It also dumps the pg_shadow table, which is global to all databases.
pg_dumpall creates each dumped database before loading.
pg_dumpall takes all pg_dump options, but \fB-f\fR and \fBdbname\fR
should not be used.
.\" This is -*-nroff-*-
-.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_hba.conf.5,v 1.4 1998/01/27 03:25:14 scrappy Exp $
+.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_hba.conf.5,v 1.5 1998/03/06 18:03:38 momjian Exp $
.TH pg_hba.conf 5 1/26/98 PostgreSQL PostgreSQL
.SH NAME
$PGDATA/pg_hba.conf
.PP
.IR crypt
- the client is asked for a password for the user. This is sent encrypted
-(using crypt(3)) and compared against the password held in the pg_user table.
+(using crypt(3)) and compared against the password held in the pg_shadow table.
If the passwords match, the connection is allowed.
.PP
.IR password
- the client is asked for a password for the user. This is sent in clear
-and compared against the password held in the pg_user table.
+and compared against the password held in the pg_shadow table.
If the passwords match, the connection is allowed. An optional password file
may be specified after the
.IR password
-keyword which is used to match the supplied password rather than the pg_user
+keyword which is used to match the supplied password rather than the pg_shadow
table. See pg_passwd(1).
.PP
The following authentication methods are supported for TCP/IP
OSDN Git Service
