< Zurück | Inhalt | Weiter >

14.9.3 Creating Our Database

Now that our username, mschwarz, has been created and is authorized to create databases, we use the createdb command to create our database:

[mschwarz@cassidy mschwarz]$ createdb budgetPro CREATE DATABASE

Notice that we did this as the Linux user mschwarz, so the createdb command used that username when it created the budgetPro database. What would have happened if we had used a Linux user that did not have a matching PostgreSQL user? Let’s see:

[albing@cassidy albing]$ createdb budgetPro createdb: could not connect to database template1: \ FATAL: user "albing" does not exist


Note that we have not implemented any security yet. The user mschwarz ex- ists, but it does not have a password. Depending on how PostgreSQL security is configured, it may be possible for any user to use the -U option with the PostgreSQL command-line utilities to impersonate mschwarz. As packaged for Fedora Core 2, PostgreSQL uses ident to check authentication, so when albing attempts this, he gets this error:

[albing@cassidy albing]$ createdb -U mschwarz budgetPro createdb: could not connect to database template1: \ FATAL: IDENT authentication failed for user "mschwarz"

Just remember that this behavior is dependent on the local configuration of PostgreSQL. You cannot assume this security is in place just because you are in a PostgreSQL environment. Always be aware of the security configuration of your production environment!



14.10 Review 325