Re: Users + Groups = Roles, duplicate name issue

Which version of pg_dump did you use to dump the old database? The
recommended procedure is to use the newer version of pg_dump (ie:
pg_dump from 8.1.1) to dump the old database. It's possible that the
newer version of pg_dump has facilities in place to deal with this.
Those facilities would obviously be missing from older versions.

On Wed, Dec 21, 2005 at 01:42:14AM +0000, ljb wrote:
> I loaded a 7.4.x dump into a new 8.1.1 database and found out what happens
> if you had the same name as both a user and a group. You can get users with
> more rights than they had before. I guess it is too late, but perhaps a
> mention in the release text would have been a good idea. Advise people to
> rename any group which has the same name as a user.
>
> For example, if at 7.4.x I have:
> Group: Is granted all rights to table:
> test test_data
> acct money_data
>
> Username: Member of group: And therefore gets all rights to table:
> ljb test test_data
> test acct money_data
>
> After loading the dump into 8.1.1, the test user and test group get merged
> into a single role, so the test user gets granted all rights to the test_data
> table. In addition, 'ljb' now effectively is a member of the 'acct' group
> (via the test role), so is granted all rights to the money_data table.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> message can get through to the mailing list cleanly
>

--
Jim C. Nasby, Sr. Engineering Consultant jnasby(at)pervasive(dot)com
Pervasive Software http://pervasive.com work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461