Rod Taylor pg
Tue Nov 1 22:12:51 PST 2005
On Tue, 2005-11-01 at 22:29 +0100, Philippe Ferreira wrote:
> 
> > Restricting users to a specific schema is possible and practical. If you
> > want, have each website use a different database user. You can even
> > change their search_path to use that schema by default.
> > 
> >   
> Ok. Do you have more information, or a link to such a setup ?
> (But note that with different databases, I can get a higher level of
> security, restricting access to users before they connect to any
> database, with "pg_hba.conf".)

drop schema public;

create user abc;
create schema authorization abc;

Now the user is pretty much stuck to using schema abc. Repeat for each
additional user.


The only real downside is that it is possible for one user to find out
what structures are in other schemas by querying pg_class directly. I
presume you aren't allowing users to create or manipulate structures
though since Slony won't find new structures by itself.

> > >   - error tolerance/independence (to not put all my eggs in the same 
> > > basket, or "in the same cluster" !)
> > >     
> > 
> > Unless you intend to use physically separate PostgreSQL daemons
> > operating on different ports, you have the same problem with both
> > configurations.
> >   
> I was thinking about the eventual corruption of a database, not of
> PostgreSQL.
> If a database happens to be corrupted, only this one needs failover. In
> the case of a huge database, everything is concerned by the failure
> (and by the failover procedure !), which is a pain...

I see. The reasonable thing to do is have each user's worth of tables
replicated independently using multiple sets. Sets work individually and
can be failed over or replicated independently of each other.
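
Added example, not part of the original message: the per-user schema setup described above, extended with a pinned search_path and two checks (cross-schema access, and the pg_class visibility the message mentions). It assumes a PostgreSQL version that has roles and a schema public that still exists; the names site_a, site_b and orders are hypothetical, and public is kept with its default grants revoked instead of being dropped.

```sql
-- Added example. Run as a superuser in the shared database.
-- site_a, site_b and orders are hypothetical names.
BEGIN;

-- Alternative to "drop schema public": keep it, remove the default grants.
REVOKE ALL ON SCHEMA public FROM PUBLIC;

CREATE ROLE site_a LOGIN;
CREATE ROLE site_b LOGIN;

-- With no schema name given, the schema is named after the owning role.
CREATE SCHEMA AUTHORIZATION site_a;
CREATE SCHEMA AUTHORIZATION site_b;

-- Pin each role's default search_path to its own schema.
ALTER ROLE site_a SET search_path = site_a;
ALTER ROLE site_b SET search_path = site_b;

CREATE TABLE site_a.orders (id integer PRIMARY KEY, note text);
ALTER TABLE site_a.orders OWNER TO site_a;

-- Check 1: does either role hold USAGE on the other's schema?
SELECT has_schema_privilege('site_b', 'site_a', 'USAGE') AS b_can_use_a,
       has_schema_privilege('site_a', 'site_b', 'USAGE') AS a_can_use_b;

-- Check 2: act as site_b and try to read site_a's table.
-- site_b has no USAGE on schema site_a, so the statement is rejected;
-- the savepoint lets the transaction continue afterwards.
SET LOCAL ROLE site_b;
SAVEPOINT probe;
SELECT * FROM site_a.orders;
ROLLBACK TO SAVEPOINT probe;

-- Check 3: still as site_b, the system catalog shows that the table exists.
SELECT n.nspname, c.relname
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE n.nspname = 'site_a' AND c.relkind = 'r';

RESET ROLE;
ROLLBACK;  -- discard everything this demonstration created
```

Check 3 is the downside noted in the message: schema privileges protect the data, not the names of the structures.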




