On 04/29/2013 09:59 AM, Tom Lane wrote:
> Josh Berkus <josh@agliodbs.com> writes:
>> This moves the general brokenness of this feature from a bug to (a) a
>> documentation issue and (b) unusably fussy. For (a), I think we need
>> the following line in the docs:
>
>> DEFAULT PRIVILEGES may only be granted to a ROLE which already has
>> CREATE permission on the specified schema.
>
> As I pointed out to you last night, it does already say that.
> I think the problem here is that we're just throwing a generic
> permissions failure rather than identifying the particular permission
> needed.
Yeah, a better error message would help a lot. My first thought was
"WTF? I'm the superuser, whaddya mean, 'permission denied'"?
--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com