| From: | "Gauthier, Dave" <dave(dot)gauthier(at)intel(dot)com> |
|---|---|
| To: | "Gauthier, Dave" <dave(dot)gauthier(at)intel(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: alter default privileges problem |
| Date: | 2013-01-03 21:57:29 |
| Message-ID: | 0AD01C53605506449BA127FB8B99E5E13E11E5F0@FMSMSX105.amr.corp.intel.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
The fix had to do with connecting as the "insert" user, then setting the default privs. My mistake was to run the "alter default privileges..." as the superuser.
From: pgsql-general-owner(at)postgresql(dot)org [mailto:pgsql-general-owner(at)postgresql(dot)org] On Behalf Of Gauthier, Dave
Sent: Thursday, January 03, 2013 2:09 PM
To: pgsql-general(at)postgresql(dot)org
Subject: [GENERAL] alter default privileges problem
v9.1 on linux
Connect to postgres DB, then...
create user "select" password 'select';
create user "insert" password 'insert';
alter default privileges for user "insert" grant select on tables to "select";
alter default privileges for user "insert" grant select on sequences to "select";
alter default privileges for user "insert" grant execute on functions to "select";
Disconnect. Reconnect as user "insert", then...
create table foo (a text);
insert into foo (a) values ('aaa');
Disconnect. Reconnect as user "select", expecting to be able to select contents of the "foo" table, but fails with "permission denied for relation foo".
Bottom line is that I want the "select" user to be able to query any table, sequence or use any function created by user "insert".
Thanks for any help !
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John Abraham | 2013-01-03 23:31:40 | Unnecessary files that can be deleted/moved in cluster dir? |
| Previous Message | Jeff Trout | 2013-01-03 19:22:25 | Curious unnest behavior |