Обсуждение: New to postgresql - Do I have to be a "superuser" to be able to create a database?
New to postgresql - Do I have to be a "superuser" to be able to create a database?
От
gromitracer
Дата:
Hello all. I am more accustomed in doing things the Oracle way and I am
trying to get a hold postgres :)
Below are my roles/users and their attributes. Posgresql version: 9.2
Role name | Attributes
| Member of
---------------+-------------------------------------------------------------------------------+----------------
devs | Create DB, Cannot login
| {}
batman |
| {devs}
postgres | Superuser, Create role, Create DB, Replication |
{}
As you can see:
role: DEVS is configured to be able to create a database.
user: batman is member of DEVS
However, when I login as batman and I issue the command "CREATE DATABASE
metropolis;" I get a Permission denied. Even when I give DEVS a "superuser"
attribute, user batman still cannot create a database. Do I have to elevate
user batman to a superuser? Isn't that dangerous when it comes to security?
Thank you :)
--
View this message in context:
http://postgresql.1045698.n5.nabble.com/New-to-postgresql-Do-I-have-to-be-a-superuser-to-be-able-to-create-a-database-tp5785428.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
On Sun, Jan 5, 2014 at 7:32 PM, gromitracer <george_m_se@yahoo.com> wrote:
Hello all. I am more accustomed in doing things the Oracle way and I am
trying to get a hold postgres :)
Below are my roles/users and their attributes. Posgresql version: 9.2
Role name | Attributes
| Member of
---------------+-------------------------------------------------------------------------------+----------------
devs | Create DB, Cannot login
| {}
batman |
| {devs}
postgres | Superuser, Create role, Create DB, Replication |
{}
As you can see:
role: DEVS is configured to be able to create a database.
user: batman is member of DEVS
CreateDB is not inherited. It must be granted directly to the role that will use it.
Cheers,
Jeff
Re: New to postgresql - Do I have to be a "superuser" to be able to create a database?
От
Vincent Veyron
Дата:
Le dimanche 05 janvier 2014 à 19:32 -0800, gromitracer a écrit :
> Below are my roles/users and their attributes. Posgresql version: 9.2
>
> Role name | Attributes
> | Member of
> ---------------+-------------------------------------------------------------------------------+----------------
> devs | Create DB, Cannot login
> | {}
> batman |
> | {devs}
> postgres | Superuser, Create role, Create DB, Replication |
> {}
>
>
> As you can see:
> role: DEVS is configured to be able to create a database.
> user: batman is member of DEVS
>
> However, when I login as batman and I issue the command "CREATE DATABASE
> metropolis;" I get a Permission denied. Even when I give DEVS a "superuser"
> attribute, user batman still cannot create a database. Do I have to elevate
> user batman to a superuser? Isn't that dangerous when it comes to security?
>
No need to be a superuser; see the CREATEDB clause in :
http://www.postgresql.org/docs/9.3/static/sql-createrole.html
You probably will also need to study :
http://www.postgresql.org/docs/9.3/static/sql-grant.html
--
http://litigios.libremen.com
Gestión de litigios y de expedientes de seguros de siniestros para el
servicio jurídico