From: | Nikolai Zhubr <n-a-zhubr(at)yandex(dot)ru> |
---|---|
To: | pgadmin-support(at)postgresql(dot)org |
Subject: | Re: Connection by user with restricted access to pg_database |
Date: | 2015-12-16 10:40:30 |
Message-ID: | 56713F9E.1090801@yandex.ru |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-support |
Hello,
16.12.2015 10:04, Владимир Янченко:
[...]
> 2015-12-15 15:33:54 ERROR : ERROR: permission denied for relation pg_database
> 2015-12-15 15:33:55 ERROR : ERROR: permission denied for relation
> pg_tablespace
> 2015-12-15 15:33:56 ERROR : ERROR: permission denied for relation pg_roles
> 2015-12-15 15:33:58 ERROR : ERROR: permission denied for relation pg_roles
>
> pgAdmin version: 1.20.0
> Postgresql version: 9.4.2
> Postgresql OS: Ubuntu 12.04.3 Server
> Client OS: Ubuntu desktop 14.10 x64
>
> Does a workaround exist for this situation?
What exactly do you mean by "workaround" here? What do you expect
pgadmin to (be able) do?
Regards,
Nikolai
>
> How to reproduce:
>
> psql -d template1
>
> REVOKE ALL ON DATABASE template1 FROM public;
> REVOKE ALL ON SCHEMA public FROM public;
> REVOKE ALL ON pg_user FROM public;
> REVOKE ALL ON pg_roles FROM public;
> REVOKE ALL ON pg_group FROM public;
> REVOKE ALL ON pg_authid FROM public;
> REVOKE ALL ON pg_auth_members FROM public;
> REVOKE ALL ON pg_stat_activity FROM public;
> REVOKE ALL ON pg_database FROM public;
> REVOKE ALL ON pg_tablespace FROM public;
> GRANT ALL ON SCHEMA public TO postgres;
> CREATE DATABASE mydb;
>
> psql -d mydb
>
> REVOKE ALL ON DATABASE mydb FROM public;
> CREATE ROLE myuser NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN
> ENCRYPTED PASSWORD '123';
> GRANT USAGE ON SCHEMA public TO myuser;
> GRANT CONNECT ON DATABASE mydb TO myuser;
> ALTER DEFAULT PRIVILEGES FOR ROLE mydb IN SCHEMA public GRANT SELECT
> ON TABLES to myuser;
> GRANT SELECT ON ALL TABLES IN SCHEMA public TO myuserr;
>
> Then connect with pgadmin, maintenance database: mydb, user: myuser.
>
> --
> Vladimir Yanchenko
> Suport engineer
> Naumen
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Владимир Янченко | 2015-12-16 11:03:54 | Re: Connection by user with restricted access to pg_database |
Previous Message | Nikolai Zhubr | 2015-12-16 10:23:07 | Re: pgAdmin III - Crash on Startup |