Improvements

2022-05-09 18:02:43 +02:00 · 2022-05-09 18:02:43 +02:00 · 2f364bce8a
commit 2f364bce8a
parent 7138110090
4 changed files with 2 additions and 25 deletions
--- a/README_rds.md
+++ b/README_rds.md
@ -14,10 +14,8 @@ As Amazon has modified Postgresql so you don't have access as a *real* superuser

 ## Instructions

-##
-
 ### First deploy
-Deploy `passchanger.sql` on the desired cluster/database.
+Deploy `passchanger_rds.sql` on the desired cluster/database.

 It will:
  * create a `dba` schema
--- a/grants_to_grant.sql
+++ b/grants_to_grant.sql
@ -14,11 +14,3 @@ GRANT INSERT ON TABLE dba.pwdhistory TO dodger;

 -- SET SESSION AUTORIZATION dodger ;

-
-
-'tV4{A#&x|P%hKM9*}4a0'
-
-select dba.change_my_password( 'XFF{O>%|<e%_#F$pHqaB' ) ;
-
-
-XFF{O>%|<e%_#F$pHqaB
--- a/grants_to_grant_rds.sql
+++ b/grants_to_grant_rds.sql
@ -1,12 +0,0 @@
-
-- grant usage for schema dba
-grant usage on schema dba to dodger ;
-
-- grant execute on the function change_my_password
-grant execute on function dba.change_my_password(text) to dodger;
-- grant execute on the function change_valid_until
-grant execute on function dba.change_valid_until(text, text) to dodger;
-
-- only insert is needed to allow audit trace
-GRANT INSERT ON TABLE dba.pwdhistory TO dodger;
-
--- a/passchanger_rds.sql
+++ b/passchanger_rds.sql
@ -11,7 +11,6 @@ GRANT rds_superuser TO dba ;
 -- grant select on pg_catalog.pg_authid to dba ;
 grant pg_read_all_stats to dba ;

-
 -- password history table
 CREATE TABLE IF NOT EXISTS dba.pwdhistory
 (
@ -88,7 +87,7 @@ begin
 end
 $BODY$;

-ALTER FUNCTION dba.change_valid_until(text, text) OWNER TO dba;
+-- ALTER FUNCTION dba.change_valid_until(text, text) OWNER TO dba;
 REVOKE EXECUTE ON FUNCTION dba.change_valid_until(text, text) From PUBLIC;

 CREATE OR REPLACE FUNCTION dba.change_my_password(_password text)