From ba1d990cf7a62abe0fda40874e621efe61b8fbc0 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Fri, 6 Mar 1998 18:03:38 +0000 Subject: [PATCH] pg_user cleanup. --- src/backend/commands/user.c | 26 +++++++++++++------------- src/backend/libpq/pg_hba.conf.sample | 5 +++-- src/man/alter_user.l | 6 +++--- src/man/catalogs.3 | 6 +++--- src/man/create_user.l | 16 ++++++++-------- src/man/createuser.1 | 10 +++++----- src/man/destroyuser.1 | 10 +++++----- src/man/pg_dumpall.1 | 4 ++-- src/man/pg_hba.conf.5 | 8 ++++---- 9 files changed, 46 insertions(+), 45 deletions(-) diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index 9ef2613a4f..a5b1715be4 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -89,7 +89,7 @@ void DefineUser(CreateUserStmt *stmt) { - char *pg_user; + char *pg_shadow; Relation pg_shadow_rel; TupleDesc pg_shadow_dsc; HeapScanDesc scan; @@ -112,12 +112,12 @@ DefineUser(CreateUserStmt *stmt) * Make sure the user attempting to create a user can insert into the * pg_shadow relation. */ - pg_user = GetPgUserName(); - if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) + pg_shadow = GetPgUserName(); + if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) { UserAbortTransactionBlock(); elog(ERROR, "defineUser: user \"%s\" does not have SELECT and INSERT privilege for \"%s\"", - pg_user, ShadowRelationName); + pg_shadow, ShadowRelationName); return; } @@ -220,7 +220,7 @@ extern void AlterUser(AlterUserStmt *stmt) { - char *pg_user; + char *pg_shadow; Relation pg_shadow_rel; TupleDesc pg_shadow_dsc; HeapScanDesc scan; @@ -242,12 +242,12 @@ AlterUser(AlterUserStmt *stmt) * Make sure the user attempting to create a user can insert into the * pg_shadow relation. */ - pg_user = GetPgUserName(); - if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) + pg_shadow = GetPgUserName(); + if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK) { UserAbortTransactionBlock(); elog(ERROR, "alterUser: user \"%s\" does not have SELECT and UPDATE privilege for \"%s\"", - pg_user, ShadowRelationName); + pg_shadow, ShadowRelationName); return; } @@ -347,7 +347,7 @@ extern void RemoveUser(char *user) { - char *pg_user; + char *pg_shadow; Relation pg_shadow_rel, pg_rel; TupleDesc pg_dsc; @@ -369,12 +369,12 @@ RemoveUser(char *user) * Make sure the user attempting to create a user can delete from the * pg_shadow relation. */ - pg_user = GetPgUserName(); - if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) + pg_shadow = GetPgUserName(); + if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK) { UserAbortTransactionBlock(); elog(ERROR, "removeUser: user \"%s\" does not have SELECT and DELETE privilege for \"%s\"", - pg_user, ShadowRelationName); + pg_shadow, ShadowRelationName); return; } @@ -463,7 +463,7 @@ RemoveUser(char *user) * tables, views, etc owned by the user. * * The second option would be to create a means of deleting tables, view, - * etc. owned by the user from other databases. Pg_user is global and + * etc. owned by the user from other databases. pg_shadow is global and * so this must be done at some point. * * Let us not forget that the user should be removed from the pg_groups diff --git a/src/backend/libpq/pg_hba.conf.sample b/src/backend/libpq/pg_hba.conf.sample index 2fc47dab97..fb2be3bdbb 100644 --- a/src/backend/libpq/pg_hba.conf.sample +++ b/src/backend/libpq/pg_hba.conf.sample @@ -68,10 +68,11 @@ # by the host. If AUTH_ARGUMENT is specified then the password is # compared with the user's entry in that file (in the $PGDATA # directory). See pg_passwd(1). If it is omitted then the -# password is compared with the user's entry in the pg_user table. +# password is compared with the user's entry in the pg_shadow +# table. # # crypt: Authentication is done by matching an encrypted password supplied -# by the host with that held for the user in the pg_user table. +# by the host with that held for the user in the pg_shadow table. # # krb4: Kerberos V4 authentication is used. # diff --git a/src/man/alter_user.l b/src/man/alter_user.l index 5134fa8774..fd51693c57 100644 --- a/src/man/alter_user.l +++ b/src/man/alter_user.l @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/alter_user.l,v 1.1 1998/01/25 07:42:00 scrappy Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/alter_user.l,v 1.2 1998/03/06 18:02:49 momjian Exp $ .TH "ALTER USER" SQL 01/26/98 PostgreSQL PostgreSQL .SH NAME alter user -- alter user account information within a PostgreSQL instance @@ -20,10 +20,10 @@ detailed description of each of the clause in the alter user statement, please see the create_user(l) manual page. Please note that it is not possible to alter a user's usesysid via the alter user statement. Also, it is only possible for the postgres user or any user with read and modify -permissions on pg_user to alter user passwords. +permissions on pg_shadow to alter user passwords. If any of the clauses of the alter user statement are omitted, the -corresponding value in the pg_user relation is left unchanged. +corresponding value in the pg_shadow relation is left unchanged. This statement can be used to modify users created with createuser(1). diff --git a/src/man/catalogs.3 b/src/man/catalogs.3 index fb66dd0394..3f8eee0ac3 100644 --- a/src/man/catalogs.3 +++ b/src/man/catalogs.3 @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/catalogs.3,v 1.3 1998/01/11 22:17:06 momjian Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/catalogs.3,v 1.4 1998/03/06 18:03:02 momjian Exp $ .TH "SYSTEM CATALOGS" INTRO 03/13/94 PostgreSQL PostgreSQL .SH "Section 7 - System Catalogs" .de LS @@ -43,7 +43,7 @@ the site: \fBname\fP \fBshared/local\fP \fBdescription\fP pg_database shared current databases pg_group shared user groups - pg_user shared valid users + pg_shadow shared valid users .LE .SH "RULE SYSTEM CATALOGS" .LS @@ -339,7 +339,7 @@ pg_group int2 grolist[1] /* list of usesysids of group members */ .fi .nf M -pg_user +pg_shadow NameData usename /* user's name */ int2 usesysid /* user's UNIX user id */ bool usecreatedb /* can user create databases? */ diff --git a/src/man/create_user.l b/src/man/create_user.l index 49fd4d26e5..e39ea0f73b 100644 --- a/src/man/create_user.l +++ b/src/man/create_user.l @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/create_user.l,v 1.1 1998/01/25 07:42:01 scrappy Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/create_user.l,v 1.2 1998/03/06 18:03:21 momjian Exp $ .TH "CREATE USER" SQL 01/26/98 PostgreSQL PostgreSQL .SH NAME create user -- create a new user within a PostgreSQL instance @@ -16,7 +16,7 @@ create user -- create a new user within a PostgreSQL instance .SH DESCRIPTION .BR "create user" will add a new user to an instance of PostgreSQL. The new user will be -given a usesysid of 'SELECT max(usesysid) + 1 FROM pg_user'. This means +given a usesysid of 'SELECT max(usesysid) + 1 FROM pg_shadow'. This means that a PostgreSQL user's usesysid will not correspond to their operating system(OS) user id. The exception to this rule is the 'postgres' user, whose OS user id is used as the usesysid during the initdb process. If @@ -24,15 +24,15 @@ you still want the OS user id and the usesysid to match for any given user, then use the createuser(1) script provided with the PostgreSQL distribution. -The 'with password' clause sets the user's password within the pg_user -relation. For this reason, pg_user is no longer accessible to the +The 'with password' clause sets the user's password within the pg_shadow +relation. For this reason, pg_shadow is no longer accessible to the 'public' group. Please note that when initdb(1) is executed for an instance of PostgreSQL that the postgres user's password is initially set -to NULL. When a user's password in the pg_user relation is NULL, then +to NULL. When a user's password in the pg_shadow relation is NULL, then user authentication proceeds as it historically has (HBA, PG_PASSWORD, etc). However, if a password is set for a user, then a new authentication system supplants any other configured for the PostgreSQL instance, and the -password stored in the pg_user relation is used for authentication. For +password stored in the pg_shadow relation is used for authentication. For more details on how this authentication system functions see pg_crypt(3). If the 'with password' clause is omitted, then the user's password is set to the empty string with equates to a NULL value in the authentication @@ -54,9 +54,9 @@ defined in the pg_group relation). Finally, the 'valid until' clause sets an absolute time after which the user's PostgreSQL login is no longer valid. Please note that if a user -does not have a password defined in the pg_user relation, then the valid +does not have a password defined in the pg_shadow relation, then the valid until date will not be checked during user authentication. If this clause -is omitted, then a NULL value is stored in pg_user for this attribute, and +is omitted, then a NULL value is stored in pg_shadow for this attribute, and the login will be valid for all time. .SH EXAMPLES diff --git a/src/man/createuser.1 b/src/man/createuser.1 index 30a4cbac62..ca10405135 100644 --- a/src/man/createuser.1 +++ b/src/man/createuser.1 @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/createuser.1,v 1.6 1998/01/26 01:42:44 scrappy Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/createuser.1,v 1.7 1998/03/06 18:03:31 momjian Exp $ .TH CREATEUSER UNIX 11/05/95 PostgreSQL PostgreSQL .SH NAME createuser - create a Postgres user @@ -19,7 +19,7 @@ port] .SH DESCRIPTION .IR Createuser creates a new Postgres user. Only users with \*(lqusesuper\*(rq set in -the \*(lqpg_user\*(rq class can create new Postgres users. As shipped, +the \*(lqpg_shadow\*(rq class can create new Postgres users. As shipped, the user \*(lqpostgres\*(rq can create users. .PP .IR Createuser @@ -96,8 +96,8 @@ is running on the proper host and that you have specified the proper port. If your site uses an authentication system, ensure that you have obtained the required authentication credentials. .TP -.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_user\*(rq" -You do not have a valid entry in the relation \*(lqpg_user\*(rq and +.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_shadow\*(rq" +You do not have a valid entry in the relation \*(lqpg_shadow\*(rq and cannot do anything with Postgres at all; contact your Postgres site administrator. .TP @@ -106,7 +106,7 @@ You do not have permission to create new users; contact your Postgres site administrator. .TP .BI "user \*(lq" "username" "\*(rq already exists" -The user to be added already has an entry in the \*(lqpg_user\*(rq +The user to be added already has an entry in the \*(lqpg_shadow\*(rq class. .TP .BR "database access failed" diff --git a/src/man/destroyuser.1 b/src/man/destroyuser.1 index a1a04baf44..2cd131e944 100644 --- a/src/man/destroyuser.1 +++ b/src/man/destroyuser.1 @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/destroyuser.1,v 1.6 1998/01/26 01:42:46 scrappy Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/destroyuser.1,v 1.7 1998/03/06 18:03:35 momjian Exp $ .TH DESTROYUSER UNIX 11/05/95 PostgreSQL PostgreSQL .SH NAME destroyuser - destroy a Postgres user and associated databases @@ -21,7 +21,7 @@ port] .IR Destroyuser destroys an existing Postgres user and the databases for which that user is database administrator. Only users with \*(lqusesuper\*(rq set in -the \*(lqpg_user\*(rq class can destroy new Postgres users. As shipped, +the \*(lqpg_shadow\*(rq class can destroy new Postgres users. As shipped, the user \*(lqpostgres\*(rq can destroy users. .PP .IR Destroyuser @@ -92,8 +92,8 @@ is running on the proper host and that you have specified the proper port. If your site uses an authentication system, ensure that you have obtained the required authentication credentials. .TP -.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_user\*(rq" -You do not have a valid entry in the relation \*(lqpg_user\*(rq and +.BI "user \*(lq" "username" "\*(rq is not in \*(lqpg_shadow\*(rq" +You do not have a valid entry in the relation \*(lqpg_shadow\*(rq and cannot do anything with Postgres at all; contact your Postgres site administrator. .TP @@ -102,7 +102,7 @@ You do not have permission to delete users; contact your Postgres site administrator. .TP .BI "user \*(lq" "username" "\*(rq does not exist" -The user to be removed does not have an entry in the \*(lqpg_user\*(rq +The user to be removed does not have an entry in the \*(lqpg_shadow\*(rq class. .TP .BR "database access failed" diff --git a/src/man/pg_dumpall.1 b/src/man/pg_dumpall.1 index 64d5bf8731..aefadaaac9 100644 --- a/src/man/pg_dumpall.1 +++ b/src/man/pg_dumpall.1 @@ -1,6 +1,6 @@ .\" This is -*-nroff-*- .\" XXX standard disclaimer belongs here.... -.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_dumpall.1,v 1.3 1998/01/11 22:17:47 momjian Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_dumpall.1,v 1.4 1998/03/06 18:03:37 momjian Exp $ .TH pg_dumpall UNIX 1/20/96 PostgreSQL PostgreSQL .SH NAME pg_dumpall - dumps out all Postgres databases into a script file @@ -10,7 +10,7 @@ pg_dumpall - dumps out all Postgres databases into a script file .SH DESCRIPTION .IR "pg_dumpall" is a utility for dumping out all Postgres databases into one file. -It also dumps the pg_user table, which is global to all databases. +It also dumps the pg_shadow table, which is global to all databases. pg_dumpall creates each dumped database before loading. pg_dumpall takes all pg_dump options, but \fB-f\fR and \fBdbname\fR should not be used. diff --git a/src/man/pg_hba.conf.5 b/src/man/pg_hba.conf.5 index 4d14aa7346..32166ea2d3 100644 --- a/src/man/pg_hba.conf.5 +++ b/src/man/pg_hba.conf.5 @@ -1,5 +1,5 @@ .\" This is -*-nroff-*- -.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_hba.conf.5,v 1.4 1998/01/27 03:25:14 scrappy Exp $ +.\" $Header: /cvsroot/pgsql/src/man/Attic/pg_hba.conf.5,v 1.5 1998/03/06 18:03:38 momjian Exp $ .TH pg_hba.conf 5 1/26/98 PostgreSQL PostgreSQL .SH NAME $PGDATA/pg_hba.conf @@ -61,16 +61,16 @@ domain sockets. .PP .IR crypt - the client is asked for a password for the user. This is sent encrypted -(using crypt(3)) and compared against the password held in the pg_user table. +(using crypt(3)) and compared against the password held in the pg_shadow table. If the passwords match, the connection is allowed. .PP .IR password - the client is asked for a password for the user. This is sent in clear -and compared against the password held in the pg_user table. +and compared against the password held in the pg_shadow table. If the passwords match, the connection is allowed. An optional password file may be specified after the .IR password -keyword which is used to match the supplied password rather than the pg_user +keyword which is used to match the supplied password rather than the pg_shadow table. See pg_passwd(1). .PP The following authentication methods are supported for TCP/IP -- 2.11.0