Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Problems with PostgreSQL users permissions

From: "Michael Steele" <michaels () winsnort com>
Date: Sun, 4 Mar 2012 16:02:21 -0500
I'm trying to setup user permissions on a PostgreSQL database. 

I have two databases; snort, and archice

The snort.conf  is using user 'snort' to write events to the 'snort'
database, and the user 'snort' only needs to write events to the 'snort'
database.
Base is using user 'base' to manipulate the data in the 'snort' and
'archive' databases.  

I'm not real sure what I need to set per user, per table. I'm using some
examples I found. However there is a problem. In the 'GRANT UPDATE' line
below I get an error; the table ' reference_sys_ref_system_id_seq' is not
found. Looking in the database tables, that table hasn't been created.

I'm assuming the missing table is not needed?

Is the below the best way to accomplish what I'm looking to do?

 snort database - snort user:
snort=# GRANT SELECT ON detail, encoding, event, reference_system, schema,
sensor, sig_class, sig_reference, signature TO snort;
snort=# GRANT INSERT ON data, event, icmphdr, iphdr, opt, reference,
reference_system, sensor, sig_class, sig_reference, signature, tcphdr,
udphdr TO snort;
snort=# GRANT UPDATE ON reference_ref_id_seq,
reference_sys_ref_system_id_seq, sensor_sid_seq, sig_class_sig_class_id_seq,
signature_sig_id_seq TO snort;

snort database - base user:
  snort=# GRANT SELECT ON detail, encoding, event, reference_system, schema,
sensor, sig_class, sig_reference, signature TO archive;
  snort=# GRANT INSERT ON data, event, icmphdr, iphdr, opt, reference,
reference_system, sensor, sig_class, sig_reference, signature, tcphdr,
udphdr TO archive;
  snort=# GRANT UPDATE ON reference_ref_id_seq,
reference_sys_ref_system_id_seq, sensor_sid_seq, sig_class_sig_class_id_seq,
signature_sig_id_seq TO archive;

archive database - base user: 
archive=# GRANT SELECT ON detail, encoding, event, reference_system, schema,
sensor, sig_class, sig_reference, signature TO archive;
archive=# GRANT INSERT ON data, event, icmphdr, iphdr, opt, reference,
reference_system, sensor, sig_class, sig_reference, signature, tcphdr,
udphdr TO archive;
archive=# GRANT UPDATE ON reference_ref_id_seq,
reference_sys_ref_system_id_seq, sensor_sid_seq, sig_class_sig_class_id_seq,
signature_sig_id_seq TO archive;

Kindest regards,
Michael...


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: