| From: | François Beausoleil <francois(at)teksol(dot)info> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Forums postgresql <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: User postgres unable to revoke privileges? |
| Date: | 2013-06-07 11:03:32 |
| Message-ID: | 66653F69-3BE1-48E7-B360-9D83CC2A70CE@teksol.info |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Le 2013-06-06 à 17:59, Tom Lane a écrit :
> =?iso-8859-1?Q?Fran=E7ois_Beausoleil?= <francois(at)teksol(dot)info> writes:
>> regress=# ALTER DEFAULT PRIVILEGES FOR ROLE dataanalysts IN SCHEMA public REVOKE SELECT ON TABLES FROM dataanalysts;
>> ERROR: permission denied for schema public
>
>> I'm logged in as postgres, the database superuser. Why am I getting a permission denied?
>
> I suspect you already revoked public CREATE privilege in schema public.
Ha, yes, you are right.
> Note where the fine manual says:
>
> schema_name
> The name of an existing schema. Each target_role must have CREATE privileges for each specified schema.
>
> There was some debate previously about whether that restriction was a
> good idea at all; and given this example, it seems like we definitely
> shouldn't require it during a REVOKE.
I may not have read that section carefully enough. I'll try again, by adding postgres back with create privileges on the public schema.
Thanks!
François
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mads.Tandrup | 2013-06-07 11:13:08 | Re: Streaming replication with sync slave, but disconnects due to missing WAL segments |
| Previous Message | François Beausoleil | 2013-06-07 11:00:52 | Re: Slave promotion failure |