| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Muhammad Imtiaz <imtiazpg712(at)gmail(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Role Granting Issues in PostgreSQL: Need Help |
| Date: | 2024-09-05 04:14:28 |
| Message-ID: | CAKFQuwYHvmti+8E3kATV6Qh33_XiA+HDYCvMHfhmSX=iUxPEgA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wednesday, September 4, 2024, Muhammad Imtiaz <imtiazpg712(at)gmail(dot)com>
wrote:
>
> 1. Create a role with specific permissions
>
> CREATE ROLE rep_admin WITH LOGIN CREATEDB CREATEROLE REPLICATION;
>
> List of roles
> Role name | Attributes
> | Description
> --------------------+---------------------------------------
> ---------------------+-------------
> postgres | Superuser, Create role, Create DB, Replication,
> Bypass RLS |
> rep_admin | Create role, Create DB, Replication
> |
> replication_expert | Cannot login
>
>
> 6.Examine the pg_roles table to confirm that the permissions for
> replication_expert have not been updated:
>
> postgres=# SELECT rolname,rolinherit, rolcreaterole, rolcreatedb,
> rolcanlogin,rolreplication
> FROM pg_roles where rolname in('rep_admin','replication_expert');;
> rolname | rolinherit | rolcreaterole | rolcreatedb |
> rolcanlogin | rolreplication
> --------------------+------------+---------------+----------
> ---+-------------+----------------
> rep_admin | t | t | t | t
> | t
> replication_expert | t | f | f | f
> | f
> (2 rows)
>
>
Those are not permissions, they are attributes, and attributes are not
inherited.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2024-09-05 04:25:04 | Re: Role Granting Issues in PostgreSQL: Need Help |
| Previous Message | Junwang Zhao | 2024-09-05 04:06:46 | Re: BUG #18598: AddressSanitizer detects use after free inside json_unique_hash_match() |