Quick Links

Re: Orphaned users in PG16 and above can only be managed by Superusers

From:	Nathan Bossart <nathandbossart(at)gmail(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Tomas Vondra <tomas(at)vondra(dot)me>, Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Orphaned users in PG16 and above can only be managed by Superusers
Date:	2025-01-24 16:01:42
Message-ID:	Z5O5ZsXDHMYFNKSs@nathan
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Thu, Jan 23, 2025 at 03:10:16PM -0500, Tom Lane wrote:
> That line of reasoning leads to the same conclusion, that another
> built-in role might be a suitable solution --- unless said role is
> so powerful that the service providers might want to block access
> to it too. Probably limiting it to manage non-superuser roles is
> good enough for that, but I'm not quite sure.

IMHO it's reasonable to expect service providers to adjust the predefined
roles if the stock limitations are not sufficient for them.

--
nathan

In response to

Re: Orphaned users in PG16 and above can only be managed by Superusers at 2025-01-23 20:10:16 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2025-01-24 16:03:31	Re: pg_createsubscriber TAP test wrapping makes command options hard to read.
Previous Message	Tom Lane	2025-01-24 15:57:30	Re: Convert sepgsql tests to TAP