| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Chander Ganesan" <g_chander(at)yahoo(dot)com> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #2137: CREATE DATABASE permission is not inherited. |
| Date: | 2005-12-31 20:14:54 |
| Message-ID: | 21126.1136060094@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
"Chander Ganesan" <g_chander(at)yahoo(dot)com> writes:
> Apparently one needs to do a 'set role' in order to gain access to a 'create
> database' privilege, even though inherit is set to "true" for the user.
> This is contrary to the documentation - which implies that ineritance is
> automatic.
The documentation says no such thing, and in fact says the opposite:
: The INHERIT attribute governs inheritance of grantable privileges
: (that is, access privileges for database objects and role
: memberships). It does not apply to the special role attributes set by
: CREATE ROLE and ALTER ROLE. For example, being a member of a role with
: CREATEDB privilege does not immediately grant the ability to create
: databases, even if INHERIT is set; it would be necessary to become
: that role via SET ROLE before creating a database.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2006-01-01 12:10:13 | Re: BUG #2133: can't reinstall postgresql |
| Previous Message | Michael Fuhr | 2005-12-31 17:31:18 | Re: BUG #2136: plperl doesn't work, plperlu - yes |