創(chuàng)建數(shù)據(jù)庫bbb且owner為用戶b:
postgres9.6@[local]:5432 postgres# create database bbb owner b;
CREATE DATABASE
Time: 259.099 ms
默認情況下使用用戶c也可以連接數(shù)據(jù)庫bbb:
postgres9.6@[local]:5432 postgres# \c bbb c
You are now connected to database "bbb" as user "c".
回收public的connect on database bbb權(quán)限:
c@[local]:5432 bbb# \c postgres postgres9.6
You are now connected to database "postgres" as user "postgres9.6".
postgres9.6@[local]:5432 postgres# revoke connect on database bbb from public;
REVOKE
Time: 2.088 ms
此時用戶c沒有了連接數(shù)據(jù)庫bbb的權(quán)限:
postgres9.6@[local]:5432 postgres# \c bbb c
FATAL: permission denied for database "bbb"
DETAIL: User does not have CONNECT privilege.
Previous connection kept
但bbb數(shù)據(jù)庫的owner用戶b可以連接數(shù)據(jù)庫:
postgres9.6@[local]:5432 postgres# \c bbb b
You are now connected to database "bbb" as user "b".
b@[local]:5432 bbb#
此種情況下超級用戶也可以連接該數(shù)據(jù)庫:
b@[local]:5432 bbb# \c bbb postgres9.6
You are now connected to database "bbb" as user "postgres9.6".
postgres9.6@[local]:5432 bbb#
postgres9.6@[local]:5432 bbb# \du
List of roles
Role name | Attributes | Member of
-------------+------------------------------------------------------------+-----------
a | | {}
b | | {}
c | | {}
postgres9.6 | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
另外一種方法:從pg_hba.conf中限定:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
...
#
host all all 0.0.0.0/0 md5
補充:Postgres限制每個用戶只能連接指定數(shù)量的session���,防止服務(wù)器資源緊張
限制每個用戶只能連接指定數(shù)量的session����,防止服務(wù)器資源緊張
(1)創(chuàng)建測試用戶test:
highgo=#create user test;
CREATEROLE
highgo=#\du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------+----------
highgo | Superuser, Create role, Create DB, Replication | {}
test | | {}
(2)設(shè)置僅允許用戶test使用一個連接
highgo=#ALTER ROLE test CONNECTION LIMIT 1;
ALTERROLE
(3)在session 1中使用test用戶連接highgo數(shù)據(jù)庫
highgo=>\c highgo test
Youare now connected to database "highgo" as user "test".
highgo=>
(4)在session 2中也使用test用戶連接highgo數(shù)據(jù)庫�,會出現(xiàn)如下錯誤:
highgo=#\c highgo test
致命錯誤: 由角色"test"發(fā)起的連接太多了
Previousconnection kept
(5)查詢用戶test鏈接限制
highgo=>SELECT rolconnlimit FROM pg_roles WHERE rolname = 'test';
rolconnlimit
--------------
1
(1row)
以上為個人經(jīng)驗,希望能給大家一個參考���,也希望大家多多支持腳本之家�����。如有錯誤或未考慮完全的地方,望不吝賜教��。
您可能感興趣的文章:- postgresql修改完端口后直接psql連接數(shù)據(jù)庫報錯的解決
- 啟動PostgreSQL服務(wù)器 并用pgAdmin連接操作
- SpringBoot連接使用PostgreSql數(shù)據(jù)庫的方法
- 解決postgreSql遠程連接數(shù)據(jù)庫超時的問題
- navicat無法連接postgreSQL-11的解決方案
- postgreSQL中的內(nèi)連接和外連接實現(xiàn)操作
