Обсуждение: postgres 8.1 usermanagement problem
Hallo to all! I use Postgres 8.1 and i've got problem in its usermanagement.
Here is me roles list:
nausd=# \du
List of roles
Role name | Superuser | Create role | Create DB | Connections | Member of
-------------+-----------+-------------+-----------+-------------+--------------
dss0 | yes | yes | yes | no limit |
georgyd | no | no | no | no limit | {nausd_read}
joe | no | no | no | no limit |
nausd | no | no | no | no limit |
nausd_read | no | no | no | no limit |
postgres | yes | yes | yes | no limit |
sagach_user | no | no | no | no limit |
system | no | no | no | no limit |
testgrp | no | no | no | no limit |
testus | no | no | no | no limit | {testgrp}
ttest | no | no | no | no limit |
(11 rows)
testus - user is a member of the testgrp
Then I changed permission in table tbl_a_a_container from database nausd:
nausd=# \z
Access privileges for database "nausd"
Schema | Name | Type | Access privileges
--------+--------------------------------+----------+----------------------------------------------------------------
public | tbl_a_a_container | table | {nausd=arwdRxt/nausd,nausd_read=r/nausd,testgrp=arwdRxt/nausd}
So, we can see all rights for group testgrp and correspondingly for testus.
But when I logging to databes nausd with user testus and try to select from tbl_a_a_container - I got error: permission denied for relation tbl_a_a_container
What's wrong?
Here is me roles list:
nausd=# \du
List of roles
Role name | Superuser | Create role | Create DB | Connections | Member of
-------------+-----------+-------------+-----------+-------------+--------------
dss0 | yes | yes | yes | no limit |
georgyd | no | no | no | no limit | {nausd_read}
joe | no | no | no | no limit |
nausd | no | no | no | no limit |
nausd_read | no | no | no | no limit |
postgres | yes | yes | yes | no limit |
sagach_user | no | no | no | no limit |
system | no | no | no | no limit |
testgrp | no | no | no | no limit |
testus | no | no | no | no limit | {testgrp}
ttest | no | no | no | no limit |
(11 rows)
testus - user is a member of the testgrp
Then I changed permission in table tbl_a_a_container from database nausd:
nausd=# \z
Access privileges for database "nausd"
Schema | Name | Type | Access privileges
--------+--------------------------------+----------+----------------------------------------------------------------
public | tbl_a_a_container | table | {nausd=arwdRxt/nausd,nausd_read=r/nausd,testgrp=arwdRxt/nausd}
So, we can see all rights for group testgrp and correspondingly for testus.
But when I logging to databes nausd with user testus and try to select from tbl_a_a_container - I got error: permission denied for relation tbl_a_a_container
What's wrong?
Did you check the option "Inherits rights from parent roles" (parameter INHERIT in SQL) for user testus ? Dmitry Shubin rašė: > Hallo to all! I use Postgres 8.1 and i've got problem in its > usermanagement. > > Here is me roles list: > nausd=# \du > List of roles > Role name | Superuser | Create role | Create DB | Connections | Member of > -------------+-----------+-------------+-----------+-------------+-------------- > dss0 | yes | yes | yes | no limit | > georgyd | no | no | no | no limit | {nausd_read} > joe | no | no | no | no limit | > nausd | no | no | no | no limit | > nausd_read | no | no | no | no limit | > postgres | yes | yes | yes | no limit | > sagach_user | no | no | no | no limit | > system | no | no | no | no limit | > testgrp | no | no | no | no limit | > testus | no | no | no | no limit | {testgrp} > ttest | no | no | no | no limit | > (11 rows) > > testus - user is a member of the testgrp > > Then I changed permission in table tbl_a_a_container from database nausd: > > nausd=# \z > Access privileges for database "nausd" > Schema | Name | Type | Access privileges > --------+--------------------------------+----------+---------------------------------------------------------------- > public | tbl_a_a_container | table | > {nausd=arwdRxt/nausd,nausd_read=r/nausd,testgrp=arwdRxt/nausd} > > So, we can see all rights for group testgrp and correspondingly for > testus. > > But when I logging to databes nausd with user testus and try to select > from tbl_a_a_container - I got error: permission denied for relation > tbl_a_a_container > > What's wrong? > -- Julius Tuskenis
Thanks a lot, that was the problem!
On 4/15/08, Julius Tuskenis <julius@nsoft.lt> wrote:
Did you check the option "Inherits rights from parent roles" (parameter INHERIT in SQL) for user testus ?
Dmitry Shubin rašė:--Hallo to all! I use Postgres 8.1 and i've got problem in its usermanagement.
Here is me roles list:
nausd=# \du
List of roles
Role name | Superuser | Create role | Create DB | Connections | Member of
-------------+-----------+-------------+-----------+-------------+--------------
dss0 | yes | yes | yes | no limit |
georgyd | no | no | no | no limit | {nausd_read}
joe | no | no | no | no limit |
nausd | no | no | no | no limit |
nausd_read | no | no | no | no limit |
postgres | yes | yes | yes | no limit |
sagach_user | no | no | no | no limit |
system | no | no | no | no limit |
testgrp | no | no | no | no limit |
testus | no | no | no | no limit | {testgrp}
ttest | no | no | no | no limit |
(11 rows)
testus - user is a member of the testgrp
Then I changed permission in table tbl_a_a_container from database nausd:
nausd=# \z
Access privileges for database "nausd"
Schema | Name | Type | Access privileges
--------+--------------------------------+----------+----------------------------------------------------------------
public | tbl_a_a_container | table | {nausd=arwdRxt/nausd,nausd_read=r/nausd,testgrp=arwdRxt/nausd}
So, we can see all rights for group testgrp and correspondingly for testus.
But when I logging to databes nausd with user testus and try to select from tbl_a_a_container - I got error: permission denied for relation tbl_a_a_container
What's wrong?
Julius Tuskenis
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin