Re: What am I doing wrong in here?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Casey Allen Shobe <cshobe(at)softhome(dot)net>
Cc: Devrim GUNDUZ <devrim(at)gunduz(dot)org>, PostgreSQL Mailing Lists-SQL <pgsql-sql(at)postgresql(dot)org>
Subject: Re: What am I doing wrong in here?
Date: 2003-12-27 18:50:03
Message-ID: 12885.1072551003@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-sql

Casey Allen Shobe <cshobe(at)softhome(dot)net> writes:
> Devrim GUNDUZ (Saturday 27 December 2003 10:45)
>> Hmm, that solved the problem, thanks.
>>
>> But I still could not understand why the lack of createuser permission
>> caused the error above...

> Because database users (and lots of other database information) is stored in
> the pg_catalog schema. When you create, alter, or drop a user, you are
> performing an insert, update, or delete on pg_catalog.pg_shadow.

This analysis is nonsense ... system catalog operations do not do the
same kinds of permission checks as user queries do. Furthermore, if
he'd not had permissions to create users, the initial CREATE USER
command would have failed, and so would CREATE DATABASE (since it would
then be specifying a nonexistent owner name).

My guess is that Devrim interpreted your suggestion as telling him to
make the created user (tdmsoftmailserveruser) a superuser, which would
naturally suppress any and all permissions failures for operations
executed by that user. That's hardly a reasonable answer to his problem
though. As to what his real problem is, I dunno, but I'd like to find
out.

regards, tom lane

In response to

Responses

Browse pgsql-sql by date

  From Date Subject
Next Message Casey Allen Shobe 2003-12-27 22:56:29 Re: What am I doing wrong in here?
Previous Message Tom Lane 2003-12-27 18:42:07 Re: What am I doing wrong in here?