The catalog pg_default_acl stores initial privileges to be assigned to newly created objects.
Table 48-17. pg_default_acl Columns
|oid||oid||Row identifier (hidden attribute; must be explicitly selected)|
|defaclrole||oid||pg_authid.oid||The OID of the role associated with this entry|
|defaclnamespace||oid||pg_namespace.oid||The OID of the namespace associated with this entry, or 0 if none|
|defaclobjtype||char||Type of object this entry is for: r = relation (table, view), S = sequence, f = function, T = type|
|defaclacl||aclitem||Access privileges that this type of object should have on creation|
A pg_default_acl entry shows the initial privileges to be assigned to an object belonging to the indicated user. There are currently two types of entry: "global" entries with defaclnamespace = 0, and "per-schema" entries that reference a particular schema. If a global entry is present then it overrides the normal hard-wired default privileges for the object type. A per-schema entry, if present, represents privileges to be added to the global or hard-wired default privileges.
Note that when an ACL entry in another catalog is null, it is taken to represent the hard-wired default privileges for its object, not whatever might be in pg_default_acl at the moment. pg_default_acl is only consulted during object creation.
If you see anything in the documentation that is not correct, does not match your experience with the particular feature or requires further clarification, please use this form to report a documentation issue.