| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Marco Peixoto" <mpeixoto(at)metrosp(dot)com(dot)br> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #4537: role |
| Date: | 2008-11-18 00:30:57 |
| Message-ID: | 9320.1226968257@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
"Marco Peixoto" <mpeixoto(at)metrosp(dot)com(dot)br> writes:
> CREATE ROLE r227602 LOGIN
> ENCRYPTED PASSWORD 'md5a4d27e81e0dc6b9828cf2dc84565fb59'
> NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> GRANT agd_select TO r227602;
You've got the role set to NOINHERIT. This means that it can *become*
agd_select (via SET ROLE) and then use agd_select's privileges, but it
doesn't have use of those privileges without doing SET ROLE.
BTW, when I try this example I get a complaint about schema agd,
not relation clanalis --- so there must be a few more grants you
didn't show us in your system. I'd still guess the NOINHERIT is
the root of your problem though.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2008-11-18 03:51:39 | Re: Re: [BUGS] libpq does not manage SSL callbacks properly when other libraries are involved. |
| Previous Message | Marco Peixoto | 2008-11-17 21:03:22 | BUG #4537: role |