Hi!
My English is bad, so in short - why Postgres (and surprisingly other's, like Oracle) lacks something like this:
1. What roles who can create or delete (insteed solid CREATEROLE privilege)
GRANT { { CREATE | DROP }
[,...] | ALL [ PRIVILEGES ] }
ON { {ROLE rolename [, ...]} | ANY ROLE}
TO { rolename } [, ...] [ WITH ADMIN OPTION ]
2. What in what roles who can alter
GRANT ALTER { LOGIN | PASSWORD | INHERIT | RENAME | VALID | SET | и т.д. }
ON ROLE rolename [, ...]
TO { rolename } [, ...] [ WITH ADMIN OPTION ]
3. What roles who can grant to whom
GRANT GRANT {ANY | rolename [, ...]} }
ON ROLE rolename [, ...]
TO { rolename } [, ...] [ WITH GRANT OPTION ]
Any Help Will Be appreciated!