| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Shreeyansh Dba <shreeyansh2014(at)gmail(dot)com> |
| Cc: | KhunSanAung(dot)GIS(at)gmail(dot)com, pgsql-admin <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: How to create a read only user account to access to all pg database? |
| Date: | 2015-11-25 13:23:32 |
| Message-ID: | 20151125132332.GU3685@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
* Shreeyansh Dba (shreeyansh2014(at)gmail(dot)com) wrote:
> A simple way is Create a user with superuser privileges and read only
> permission.
>
> -Login psql as postgres or other superuser.
> -Create the new superuser role and set it to read only :
>
> CREATE USER backupadmn WITH PASSWORD 'pwd' SUPERUSER ;
> ALTER USER backupadmn set default_transaction_read_only = on;
Uh, that doesn't create a read-only user, it just starts that user's
session out with the transaction being read only *by default*.
Do NOT use this to try and create read-only users.
The user can trivially change that if they have SQL access using begin:
----------------------
=# begin read write;
BEGIN
=*# alter user r1 set default_transaction_read_only = 0;
ALTER ROLE
=*# commit;
COMMIT
=#
----------------------
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Felipe Santos | 2015-11-25 18:53:44 | Re: Update postgresql-9.1 fails |
| Previous Message | Mailing Liste | 2015-11-25 11:40:12 | Update postgresql-9.1 fails |