From: | Pawan Sharma <pawanpg0963(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | PG16 ADMIN OPTION |
Date: | 2024-12-18 11:52:32 |
Message-ID: | CAKqG8NUgCmPdf2fQh89cn-eTCpTkS=ZgcFad-G9j0bpM9gR7rQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Hello Everyone,
I recently noticed the difference between PG15 and PG16 regarding *CREATEROLE
*and ADMIN OPTION.
Granting the Admin Option to another role is not allowed in PG16, whereas
it was permitted in PG15. Please help me with how we can allow them without
superuser intervention.
PostgreSQL 15:
psql (15.10 (Homebrew), server 15.10 (Homebrew))
Type "help" for help.
postgres=# create role pgtest login createdb createrole;
CREATE ROLE
postgres=# \c postgres pgtest
psql (16.6 (Homebrew), server 15.10 (Homebrew))
You are now connected to database "postgres" as user "pgtest".
postgres=>
postgres=> create role test login;
CREATE ROLE
postgres=>
postgres=> grant pgtest to test with ADMIN OPTION;
GRANT ROLE
postgres=> \drg
List of role grants
Role name | Member of | Options | Grantor
-----------+-----------+---------------------+---------
test | pgtest | ADMIN, INHERIT, SET | pgtest
(1 row)
PostgreSQL 16
psql (16.6 (Homebrew))
Type "help" for help.
postgres=# create role pgtest login createdb createrole;
CREATE ROLE
postgres=# \c postgres pgtest
You are now connected to database "postgres" as user "pgtest".
postgres=> create role test login;
CREATE ROLE
postgres=>
postgres=> grant pgtest to test with ADMIN OPTION;
ERROR: permission denied to grant role "admin"
DETAIL: Only roles with the ADMIN option on role "pgtest" may grant this
role.
postgres=>
postgres=> \drg
List of role grants
Role name | Member of | Options | Grantor
-----------+-----------+---------+-------------
pgtest | test | ADMIN | pawansharma
(1 row)
postgres=>
Thank you so much.
Regards,
Pawan
From | Date | Subject | |
---|---|---|---|
Next Message | Francisco Olarte | 2024-12-18 12:39:10 | Re: How to do an update with XML column ? |
Previous Message | Ron Johnson | 2024-12-17 18:47:24 | Re: Credcheck- credcheck.max_auth_failure |