Greetings,
* Michael.Dietrich@swisscom.com (Michael.Dietrich@swisscom.com) wrote:
> Unexpected behavior when trying to connect to a database. Facts:
> 1) The privilege to connect to the database was revoked from public.
> 2) User without superuser privileges uses a role with superuser rights (usage confirmed with SHOW current_role.)
Please provide more details about what this step #2 actually means.
> 3) Unecpected Message: FATAL: permission denied for database "db" DETAIL: User does not have CONNECT privilege.
Details about exactly what you're doing to connect here would be
helpful.
> After granting one of the listed privileges it is working as expected.
> 1) granting superuser to user
> 2) granting connect to db for user
> 3) granting connect to db to group
> 3) granting connect to db to public
>
> What am I missing? --Michael
CONNECT privileges are needed to be able to connect to the database, so
it's not surprising that you needed to GRANT them to the user after
REVOKE'ing them from PUBLIC. What's not clear is what you're actually
trying to do and what you're expecting to work that apparently isn't.
Thanks!
Stephen