1999-12-04 05:53:22 +01:00
|
|
|
<!--
|
UUNET is looking into offering PostgreSQL as a part of a managed web
hosting product, on both shared and dedicated machines. We currently
offer Oracle and MySQL, and it would be a nice middle-ground.
However, as shipped, PostgreSQL lacks the following features we need
that MySQL has:
1. The ability to listen only on a particular IP address. Each
hosting customer has their own IP address, on which all of their
servers (http, ftp, real media, etc.) run.
2. The ability to place the Unix-domain socket in a mode 700 directory.
This allows us to automatically create an empty database, with an
empty DBA password, for new or upgrading customers without having
to interactively set a DBA password and communicate it to (or from)
the customer. This in turn cuts down our install and upgrade times.
3. The ability to connect to the Unix-domain socket from within a
change-rooted environment. We run CGI programs chrooted to the
user's home directory, which is another reason why we need to be
able to specify where the Unix-domain socket is, instead of /tmp.
4. The ability to, if run as root, open a pid file in /var/run as
root, and then setuid to the desired user. (mysqld -u can almost
do this; I had to patch it, too).
The patch below fixes problem 1-3. I plan to address #4, also, but
haven't done so yet. These diffs are big enough that they should give
the PG development team something to think about in the meantime :-)
Also, I'm about to leave for 2 weeks' vacation, so I thought I'd get
out what I have, which works (for the problems it tackles), now.
With these changes, we can set up and run PostgreSQL with scripts the
same way we can with apache or proftpd or mysql.
In summary, this patch makes the following enhancements:
1. Adds an environment variable PGUNIXSOCKET, analogous to MYSQL_UNIX_PORT,
and command line options -k --unix-socket to the relevant programs.
2. Adds a -h option to postmaster to set the hostname or IP address to
listen on instead of the default INADDR_ANY.
3. Extends some library interfaces to support the above.
4. Fixes a few memory leaks in PQconnectdb().
The default behavior is unchanged from stock 7.0.2; if you don't use
any of these new features, they don't change the operation.
David J. MacKenzie
2000-11-13 16:18:15 +01:00
|
|
|
$Header: /cvsroot/pgsql/doc/src/sgml/ref/dropuser.sgml,v 1.6 2000/11/13 15:18:08 momjian Exp $
|
1999-12-04 05:53:22 +01:00
|
|
|
Postgres documentation
|
|
|
|
|
-->
|
|
|
|
|
|
|
|
|
|
<refentry id="APP-DROPUSER">
|
2000-11-12 00:01:45 +01:00
|
|
|
<docinfo>
|
|
|
|
|
<date>2000-11-11</date>
|
|
|
|
|
</docinfo>
|
|
|
|
|
|
1999-12-04 05:53:22 +01:00
|
|
|
<refmeta>
|
2000-11-12 00:01:45 +01:00
|
|
|
<refentrytitle id="APP-DROPUSER-TITLE"><application>dropuser</application></refentrytitle>
|
|
|
|
|
<manvolnum>1</manvolnum>
|
1999-12-04 05:53:22 +01:00
|
|
|
<refmiscinfo>Application</refmiscinfo>
|
|
|
|
|
</refmeta>
|
2000-11-12 00:01:45 +01:00
|
|
|
|
1999-12-04 05:53:22 +01:00
|
|
|
<refnamediv>
|
2000-11-12 00:01:45 +01:00
|
|
|
<refname>dropuser</refname>
|
|
|
|
|
<refpurpose>Drops (removes) a <productname>Postgres</productname> user</refpurpose>
|
1999-12-04 05:53:22 +01:00
|
|
|
</refnamediv>
|
2000-11-12 00:01:45 +01:00
|
|
|
|
1999-12-04 05:53:22 +01:00
|
|
|
<refsynopsisdiv>
|
2000-11-12 00:01:45 +01:00
|
|
|
<cmdsynopsis>
|
|
|
|
|
<command>dropuser</command>
|
|
|
|
|
<arg rep="repeat"><replaceable>options</replaceable></arg>
|
|
|
|
|
<arg><replaceable>username</replaceable></arg>
|
|
|
|
|
</cmdsynopsis>
|
1999-12-04 05:53:22 +01:00
|
|
|
|
|
|
|
|
<refsect2 id="R2-APP-DROPUSER-1">
|
|
|
|
|
<title>
|
|
|
|
|
Inputs
|
|
|
|
|
</title>
|
|
|
|
|
<para>
|
|
|
|
|
|
|
|
|
|
<variablelist>
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term>-h, --host <replaceable class="parameter">host</replaceable></term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Specifies the hostname of the machine on which the
|
|
|
|
|
<application>postmaster</application>
|
|
|
|
|
is running.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term>-p, --port <replaceable class="parameter">port</replaceable></term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Specifies the Internet TCP/IP port or local Unix domain socket file
|
|
|
|
|
extension on which the <application>postmaster</application>
|
|
|
|
|
is listening for connections.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
UUNET is looking into offering PostgreSQL as a part of a managed web
hosting product, on both shared and dedicated machines. We currently
offer Oracle and MySQL, and it would be a nice middle-ground.
However, as shipped, PostgreSQL lacks the following features we need
that MySQL has:
1. The ability to listen only on a particular IP address. Each
hosting customer has their own IP address, on which all of their
servers (http, ftp, real media, etc.) run.
2. The ability to place the Unix-domain socket in a mode 700 directory.
This allows us to automatically create an empty database, with an
empty DBA password, for new or upgrading customers without having
to interactively set a DBA password and communicate it to (or from)
the customer. This in turn cuts down our install and upgrade times.
3. The ability to connect to the Unix-domain socket from within a
change-rooted environment. We run CGI programs chrooted to the
user's home directory, which is another reason why we need to be
able to specify where the Unix-domain socket is, instead of /tmp.
4. The ability to, if run as root, open a pid file in /var/run as
root, and then setuid to the desired user. (mysqld -u can almost
do this; I had to patch it, too).
The patch below fixes problem 1-3. I plan to address #4, also, but
haven't done so yet. These diffs are big enough that they should give
the PG development team something to think about in the meantime :-)
Also, I'm about to leave for 2 weeks' vacation, so I thought I'd get
out what I have, which works (for the problems it tackles), now.
With these changes, we can set up and run PostgreSQL with scripts the
same way we can with apache or proftpd or mysql.
In summary, this patch makes the following enhancements:
1. Adds an environment variable PGUNIXSOCKET, analogous to MYSQL_UNIX_PORT,
and command line options -k --unix-socket to the relevant programs.
2. Adds a -h option to postmaster to set the hostname or IP address to
listen on instead of the default INADDR_ANY.
3. Extends some library interfaces to support the above.
4. Fixes a few memory leaks in PQconnectdb().
The default behavior is unchanged from stock 7.0.2; if you don't use
any of these new features, they don't change the operation.
David J. MacKenzie
2000-11-13 16:18:15 +01:00
|
|
|
<varlistentry>
|
|
|
|
|
<term>-k, --unixsocket <replaceable class="parameter">path</replaceable></term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Specifies the Unix-domain socket on which the
|
|
|
|
|
<application>postmaster</application> is running.
|
|
|
|
|
Without this option, the socket is created in <filename>/tmp</filename>
|
|
|
|
|
based on the port number.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
1999-12-04 05:53:22 +01:00
|
|
|
<varlistentry>
|
|
|
|
|
<term>-e, --echo</term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Echo the queries that <application>createdb</application> generates
|
|
|
|
|
and sends to the backend.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term>-q, --quiet</term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Do not display a response.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term>-i, --interactive</term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Prompt for confirmation before actually removing the user.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term><replaceable class="parameter">username</replaceable></term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
2000-03-27 19:14:43 +02:00
|
|
|
Specifies the name of the <productname>Postgres</productname> user to be removed.
|
1999-12-04 05:53:22 +01:00
|
|
|
This name must exist in the <productname>Postgres</productname> installation.
|
|
|
|
|
You will be prompted for a name if none is specified on the command line.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
</variablelist>
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
The options <literal>-h</literal>, <literal>-p</literal>, and <literal>-e</literal>,
|
1999-12-07 23:41:44 +01:00
|
|
|
are passed on literally to <xref linkend="APP-PSQL" endterm="APP-PSQL-title">. The
|
|
|
|
|
<application>psql</application> options <literal>-U</literal> and <literal>-W</literal>
|
|
|
|
|
are available as well, but they can be confusing in this context.
|
1999-12-04 05:53:22 +01:00
|
|
|
</para>
|
|
|
|
|
</refsect2>
|
|
|
|
|
|
|
|
|
|
<refsect2 id="R2-APP-DROPUSER-2">
|
|
|
|
|
<title>
|
|
|
|
|
Outputs
|
|
|
|
|
</title>
|
|
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
<variablelist>
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term><computeroutput>DROP USER</computeroutput></term>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
All is well.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
<varlistentry>
|
2000-01-12 20:36:36 +01:00
|
|
|
<term><computeroutput>dropuser: deletion of user "<replaceable class="parameter">username</replaceable>" failed</computeroutput></term>
|
1999-12-04 05:53:22 +01:00
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Something went wrong. The user was not removed.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
|
|
|
|
|
</variablelist>
|
|
|
|
|
|
|
|
|
|
If there is an error condition, the backend error message will be displayed.
|
|
|
|
|
See <xref linkend="SQL-DROPUSER" endterm="SQL-DROPUSER-title">
|
|
|
|
|
and <xref linkend="APP-PSQL" endterm="APP-PSQL-title"> for possibilities.
|
|
|
|
|
</para>
|
|
|
|
|
</refsect2>
|
|
|
|
|
</refsynopsisdiv>
|
|
|
|
|
|
|
|
|
|
<refsect1 id="R1-APP-DROPUSER-1">
|
|
|
|
|
<title>
|
|
|
|
|
Description
|
|
|
|
|
</title>
|
|
|
|
|
<para>
|
|
|
|
|
<application>dropuser</application> removes an existing
|
2000-03-27 19:14:43 +02:00
|
|
|
<productname>Postgres</productname> user
|
1999-12-04 05:53:22 +01:00
|
|
|
<emphasis>and</emphasis> the databases which that user owned.
|
|
|
|
|
Only users with <literal>usesuper</literal> set in
|
|
|
|
|
the <literal>pg_shadow</literal> class can destroy
|
2000-03-27 19:14:43 +02:00
|
|
|
<productname>Postgres</productname> users.
|
1999-12-04 05:53:22 +01:00
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
<application>dropuser</application> is a shell script wrapper around the
|
|
|
|
|
<acronym>SQL</acronym> command
|
|
|
|
|
<xref linkend="SQL-DROPUSER" endterm="SQL-DROPUSER-title"> via
|
2000-03-27 19:14:43 +02:00
|
|
|
the <productname>Postgres</productname> interactive terminal
|
1999-12-04 05:53:22 +01:00
|
|
|
<xref linkend="APP-PSQL" endterm="APP-PSQL-title">. Thus, there is nothing
|
|
|
|
|
special about removing users via this or other methods. This means
|
|
|
|
|
that the <application>psql</application> must be found by the script and that
|
|
|
|
|
a database server is running at the targeted host. Also, any default
|
|
|
|
|
settings and environment variables available to <application>psql</application>
|
|
|
|
|
and the <application>libpq</application> front-end library do apply.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1 id="R1-APP-DROPUSER-2">
|
2000-11-12 00:01:45 +01:00
|
|
|
<title>Usage</title>
|
1999-12-04 05:53:22 +01:00
|
|
|
|
2000-11-12 00:01:45 +01:00
|
|
|
<informalexample>
|
|
|
|
|
<para>
|
|
|
|
|
To remove user <literal>joe</literal> from the default database
|
|
|
|
|
server:
|
|
|
|
|
<screen>
|
|
|
|
|
<prompt>$ </prompt><userinput>dropuser joe</userinput>
|
|
|
|
|
<computeroutput>DROP USER</computeroutput>
|
|
|
|
|
</screen>
|
|
|
|
|
</para>
|
|
|
|
|
</informalexample>
|
|
|
|
|
|
|
|
|
|
<informalexample>
|
|
|
|
|
<para>
|
|
|
|
|
To remove user <literal>joe</literal> using the postmaster on host
|
|
|
|
|
eden, port 5000, with verification and a peek at the underlying
|
|
|
|
|
query:
|
|
|
|
|
<screen>
|
|
|
|
|
<prompt>$ </prompt><userinput>dropuser -p 5000 -h eden -i -e joe</userinput>
|
|
|
|
|
<computeroutput>User "joe" and any owned databases will be permanently deleted.
|
|
|
|
|
Are you sure? (y/n) </computeroutput><userinput>y</userinput>
|
|
|
|
|
<computeroutput>DROP USER "joe"
|
|
|
|
|
DROP USER</computeroutput>
|
|
|
|
|
</screen>
|
|
|
|
|
</para>
|
|
|
|
|
</informalexample>
|
1999-12-04 05:53:22 +01:00
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
</refentry>
|
|
|
|
|
|
|
|
|
|
<!-- Keep this comment at the end of the file
|
|
|
|
|
Local variables:
|
|
|
|
|
mode: sgml
|
|
|
|
|
sgml-omittag:nil
|
|
|
|
|
sgml-shorttag:t
|
|
|
|
|
sgml-minimize-attributes:nil
|
|
|
|
|
sgml-always-quote-attributes:t
|
|
|
|
|
sgml-indent-step:1
|
|
|
|
|
sgml-indent-data:t
|
|
|
|
|
sgml-parent-document:nil
|
|
|
|
|
sgml-default-dtd-file:"../reference.ced"
|
|
|
|
|
sgml-exposed-tags:nil
|
|
|
|
|
sgml-local-catalogs:"/usr/lib/sgml/catalog"
|
|
|
|
|
sgml-local-ecat-files:nil
|
|
|
|
|
End:
|
|
|
|
|
-->
|
