From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
---|---|
To: | Christophe Pettus <xof(at)thebuild(dot)com>, PostgreSQL General <pgsql-general(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Can't remove default permissions entry |
Date: | 2020-05-27 19:08:28 |
Message-ID: | 1ae39242-c167-59ac-8d3b-5884ae2490ab@aklaver.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On 5/27/20 10:06 AM, Christophe Pettus wrote:
> On RDS (thus, no superuser) we are trying to drop a user. The only remaining item that the user owns is an "empty" default permissions entry, but we can't seem to get rid of it so that the user can be dropped:
>
> I'm sure I'm missing something obvious!
Have you tried?:
https://www.postgresql.org/docs/12/sql-alterdefaultprivileges.html
"If you wish to drop a role for which the default privileges have been
altered, it is necessary to reverse the changes in its default
privileges or use DROP OWNED BY to get rid of the default privileges
^^^^^^^^^^^^^
entry for the role."
So:
https://www.postgresql.org/docs/12/sql-drop-owned.html
>
> Logged in as xyuser:
>
> db=> \ddp+
> Default access privileges
> Owner | Schema | Type | Access privileges
> ------------+---------------+----------+--------------------------
> xyuser | | table |
>
> db=> ALTER DEFAULT PRIVILEGES FOR USER xyuser REVOKE ALL ON TABLES FROM xyuser;
> ALTER DEFAULT PRIVILEGES
> db=> \ddp+
> Default access privileges
> Owner | Schema | Type | Access privileges
> ------------+---------------+----------+--------------------------
> xyuser | | table |
>
> db=>
>
> --
> -- Christophe Pettus
> xof(at)thebuild(dot)com
>
>
>
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
From | Date | Subject | |
---|---|---|---|
Next Message | Adrian Klaver | 2020-05-27 19:10:00 | Re: Suggest the Schedular for activities |
Previous Message | James Lucas | 2020-05-27 18:12:24 | Changing wal segment size on existing database cluster |