| From: | Dominique Devienne <ddevienne(at)gmail(dot)com> |
|---|---|
| To: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Backward compat issue with v16 around ROLEs |
| Date: | 2024-09-11 15:28:04 |
| Message-ID: | CAFCRh-_-fuE8vSvP1vyqKXFGihfj9RmUB9z1wmEFtbkYTXNHTQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Sep 11, 2024 at 5:09 PM Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> wrote:
> What user did you do the above as?
My own user, which lacks SUPERUSER (I have CREATEROLE and CREATEDB
only, and LOGIN of course).
> On my Postgres 16.4 instance logged in as postgres:
> test=# create role dd_owner createrole;
> CREATE ROLE
> test=# create role dd_admin noinherit;
> CREATE ROLE
> test=# grant dd_owner to dd_admin;
> GRANT ROLE
> test=# set role dd_owner;
> SET
This failed for me, but works for you, probably because you are SUPERUSER.
> test=> grant dd_owner to current_user;
> ERROR: permission denied to grant role "dd_owner"
> DETAIL: Only roles with the ADMIN option on role "dd_owner" may grant
> this role.
A role can't grant itself to someone? Hmmm...
> test=> create role dd_user;
> CREATE ROLE
> test=> grant dd_admin to dd_user;
> ERROR: permission denied to grant role "dd_admin"
> DETAIL: Only roles with the ADMIN option on role "dd_admin" may grant
> this role.
This is the error I'm trying to fix on v16, and was OK on v14.
So your v16.4 behaves the same as my v16.1 it seems. --DD
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Wolfgang Walther | 2024-09-11 19:17:24 | Re: Backward compat issue with v16 around ROLEs |
| Previous Message | Dominique Devienne | 2024-09-11 15:22:40 | Re: Backward compat issue with v16 around ROLEs |