Add db-local user names, per discussion on hackers.

2025-01-18 18:44:06 +08:00 · 2002-08-18 03:03:26 +00:00 · 2002-08-18 03:03:26 +00:00 · 2c6b34d959
commit 2c6b34d959
parent 4b26e7d24b
7 changed files with 62 additions and 14 deletions
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.125 2002/08/15 14:26:15 momjian Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.126 2002/08/18 03:03:25 momjian Exp $
 -->
 <Chapter Id="runtime">
@ -1190,6 +1190,26 @@ env PGOPTIONS='-c geqo=off' psql
      </listitem>
     </varlistentry>
     <varlistentry>
      <term><varname>DB_USER_NAMESPACE</varname> (<type>boolean</type>)</term>
      <listitem>
       <para>
        This allows per-database user names.  You can create users as <literal>
        username@dbname</>.  When <literal>username</> is passed by the client,
        <literal>@</> and the database name is appended to the user name and
        that database-specific user name is looked up by the server. 
        When creating user names containing <literal>@</>, you will need
        to quote the user name.
       </para>
       <para>
        With this option enabled, you can still create ordinary global 
        users.  Simply append <literal>@</> when specifying the user name
        in the client.  The <literal>@</> will be stripped off and looked up
        by the server. 
       </para>
      </listitem>
     </varlistentry>
     <varlistentry>
      <indexterm>
       <primary>deadlock</primary>
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.82 2002/06/20 20:29:28 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.83 2002/08/18 03:03:25 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -117,7 +117,7 @@ pg_krb4_recvauth(Port *port)
 			 version, PG_KRB4_VERSION);
 		return STATUS_ERROR;
 	}
-	if (strncmp(port->user, auth_data.pname, SM_USER) != 0)
+	if (strncmp(port->user, auth_data.pname, SM_DATABASE_USER) != 0)
 	{
 		elog(LOG, "pg_krb4_recvauth: name \"%s\" != \"%s\"",
 			 port->user, auth_data.pname);
@ -290,7 +290,7 @@ pg_krb5_recvauth(Port *port)
 	}
 	kusername = pg_an_to_ln(kusername);
-	if (strncmp(port->user, kusername, SM_USER))
+	if (strncmp(port->user, kusername, SM_DATABASE_USER))
 	{
 		elog(LOG, "pg_krb5_recvauth: user name \"%s\" != krb5 name \"%s\"",
 			 port->user, kusername);
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@ -37,7 +37,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.284 2002/08/17 15:12:06 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.285 2002/08/18 03:03:25 momjian Exp $
 *
 * NOTES
 *
@ -116,7 +116,6 @@
 sigset_t	UnBlockSig,
 			BlockSig,
 			AuthBlockSig;
 #else
 int			UnBlockSig,
 			BlockSig,
@ -191,6 +190,8 @@ int			CheckPointTimeout = 300;
 bool		HostnameLookup;		/* for ps display */
 bool		ShowPortNumber;
 bool		Log_connections = false;
 bool		Db_user_namespace = false;
 /* Startup/shutdown state */
 static pid_t StartupPID = 0,
@ -1155,6 +1156,26 @@ ProcessStartupPacket(Port *port, bool SSLdone)
 	if (port->user[0] == '\0')
 		elog(FATAL, "no PostgreSQL user name specified in startup packet");
 	if (Db_user_namespace)
    {
 		/*
 		 *	If user@, it is a global user, remove '@'.
 		 *	We only want to do this if there is an '@' at the end and no
 		 *	earlier in the user string or they may fake as a local user
 		 *	of another database attaching to this database.
 		 */
 		if (strchr(port->user, '@') == port->user + strlen(port->user)-1)
 			*strchr(port->user, '@') = '\0';
 		else
 		{
 			/* Append '@' and dbname */
 			char hold_user[SM_DATABASE_USER+1];
 			snprintf(hold_user, SM_DATABASE_USER+1, "%s@%s", port->user,
 					 port->database);
 			strcpy(port->user, hold_user);
 		}
 	}
 	/*
 	 * If we're going to reject the connection due to database state, say
 	 * so now instead of wasting cycles on an authentication exchange.
@ -2581,11 +2602,10 @@ CreateOptsFile(int argc, char *argv[])
 	if (FindExec(fullprogname, argv[0], "postmaster") < 0)
 		return false;
-	filename = palloc(strlen(DataDir) + 20);
+	filename = palloc(strlen(DataDir) + 17);
 	sprintf(filename, "%s/postmaster.opts", DataDir);
-	fp = fopen(filename, "w");
+	if ((fp = fopen(filename, "w")) == NULL)
 	if (fp == NULL)
 	{
 		postmaster_error("cannot create file %s: %s",
 						 filename, strerror(errno));
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@ -5,7 +5,7 @@
 * command, configuration file, and command line options.
 * See src/backend/utils/misc/README for more information.
 *
- * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.82 2002/08/15 02:51:26 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.83 2002/08/18 03:03:25 momjian Exp $
 *
 * Copyright 2000 by PostgreSQL Global Development Group
 * Written by Peter Eisentraut <peter_e@gmx.net>.
@ -483,6 +483,10 @@ static struct config_bool
 		{ "transform_null_equals", PGC_USERSET }, &Transform_null_equals,
 		false, NULL, NULL
 	},
 	{
 		{ "db_user_namespace", PGC_SIGHUP }, &Db_user_namespace,
 		false, NULL, NULL
 	},
 	{
 		{ NULL, 0 }, NULL, false, NULL, NULL
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@ -113,7 +113,6 @@
 #
 #	Message display
 #
 #server_min_messages = notice	# Values, in order of decreasing detail:
 				#   debug5, debug4, debug3, debug2, debug1,
 				#   info, notice, warning, error, log, fatal,
@ -201,3 +200,4 @@
 #sql_inheritance = true
 #transform_null_equals = false
 #statement_timeout = 0				# 0 is disabled
 #db_user_namespace = false
--- a/src/include/libpq/libpq-be.h
+++ b/src/include/libpq/libpq-be.h
@ -11,7 +11,7 @@
 * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $Id: libpq-be.h,v 1.32 2002/06/20 20:29:49 momjian Exp $
+ * $Id: libpq-be.h,v 1.33 2002/08/18 03:03:26 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -59,7 +59,7 @@ typedef struct Port
 	ProtocolVersion proto;
 	char		database[SM_DATABASE + 1];
-	char		user[SM_USER + 1];
+	char		user[SM_DATABASE_USER + 1];
 	char		options[SM_OPTIONS + 1];
 	char		tty[SM_TTY + 1];
 	char		auth_arg[MAX_AUTH_ARG];
--- a/src/include/libpq/pqcomm.h
+++ b/src/include/libpq/pqcomm.h
@ -9,7 +9,7 @@
 * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $Id: pqcomm.h,v 1.65 2002/08/12 14:35:26 tgl Exp $
+ * $Id: pqcomm.h,v 1.66 2002/08/18 03:03:26 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -114,6 +114,8 @@ typedef uint32 PacketLen;
 #define SM_DATABASE		64
 /* SM_USER should be the same size as the others.  bjm 2002-06-02 */
 #define SM_USER			32
 /* We append database name if db_user_namespace true. */
 #define SM_DATABASE_USER (SM_DATABASE+SM_USER+1) /* +1 for @ */
 #define SM_OPTIONS		64
 #define SM_UNUSED		64
 #define SM_TTY			64
@ -124,12 +126,14 @@ typedef struct StartupPacket
 {
 	ProtocolVersion protoVersion;		/* Protocol version */
 	char		database[SM_DATABASE];	/* Database name */
 				/* Db_user_namespace appends dbname */
 	char		user[SM_USER];	/* User name */
 	char		options[SM_OPTIONS];	/* Optional additional args */
 	char		unused[SM_UNUSED];		/* Unused */
 	char		tty[SM_TTY];	/* Tty for debug output */
 } StartupPacket;
 extern bool Db_user_namespace;
 /* These are the authentication requests sent by the backend. */