| From: | Erik Wienhold <ewie(at)ewie(dot)name> |
|---|---|
| To: | Stuart McGraw <smcgraw(at)mtneva(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Restoring default privileges on objects |
| Date: | 2023-08-29 11:22:31 |
| Message-ID: | 1166048641.281962.1693308151542@office.mailbox.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
> On 29/08/2023 03:23 CEST Stuart McGraw <smcgraw(at)mtneva(dot)com> wrote:
>
> If I've done a GRANT or REVOKE on some of the tables, how do I restore
> the default privileges so that the “Access privileges” appears empty
> again? I re-granted what I think are the default privileges but the
> "Access privileges" column for that table contains "user1=arwdDxt/user1"
> rather than being blank. This is Postgresql-14.
Yes, "user1=arwdDxt/user1" matches the default privileges if user1 is the table
owner. Function acldefault('r', 'user1'::regrole) [1] gives you the default
privileges for tables.
You could set pg_class.relacl to NULL to restore the default privileges, but
messing with pg_catalog is at your own risk. Besides that I don't know of any
way to restore the default privileges other than revoking all privileges before
granting whatever acldefault gives you. Changing the table owner will then
also change the grantee and grantor in pg_class.relacl to the new owner.
[1] https://www.postgresql.org/docs/14/functions-info.html#FUNCTIONS-ACLITEM-FN-TABLE
--
Erik
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2023-08-29 14:14:45 | Re: Restoring default privileges on objects |
| Previous Message | Luca Ferrari | 2023-08-29 09:59:53 | Re: PL/Perl function signatures |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hayato Kuroda (Fujitsu) | 2023-08-29 11:58:31 | RE: [PoC] pg_upgrade: allow to upgrade publisher node |
| Previous Message | Alvaro Herrera | 2023-08-29 11:20:28 | Re: tablecmds.c/MergeAttributes() cleanup |