Skip site navigation (1) Skip section navigation (2)

Re: BUG #4537: role

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Marco Peixoto" <mpeixoto(at)metrosp(dot)com(dot)br>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #4537: role
Date: 2008-11-18 00:30:57
Message-ID: 9320.1226968257@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
"Marco Peixoto" <mpeixoto(at)metrosp(dot)com(dot)br> writes:
> CREATE ROLE r227602 LOGIN
>   ENCRYPTED PASSWORD 'md5a4d27e81e0dc6b9828cf2dc84565fb59'
>   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;

> GRANT agd_select TO r227602;

You've got the role set to NOINHERIT.  This means that it can *become* 
agd_select (via SET ROLE) and then use agd_select's privileges, but it
doesn't have use of those privileges without doing SET ROLE.

BTW, when I try this example I get a complaint about schema agd,
not relation clanalis --- so there must be a few more grants you
didn't show us in your system.  I'd still guess the NOINHERIT is
the root of your problem though.

			regards, tom lane

In response to

pgsql-bugs by date

Next:From: Bruce MomjianDate: 2008-11-18 03:51:39
Subject: Re: Re: [BUGS] libpq does not manage SSL callbacks properly when other libraries are involved.
Previous:From: Marco PeixotoDate: 2008-11-17 21:03:22
Subject: BUG #4537: role

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group