| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Euler Taveira <euler(at)eulerto(dot)com> |
| Cc: | Álvaro Rodríguez <alvaro(at)datadoghq(dot)com>, pgsql-bugs(at)lists(dot)postgresql(dot)org, Javier Maellas <javier(dot)maellas(at)datadoghq(dot)com>, Diego Revenga <diego(dot)revengagonzalez(at)datadoghq(dot)com> |
| Subject: | Re: pg_dumpall can't be restored with different bootstrap superuser |
| Date: | 2026-05-05 18:59:48 |
| Message-ID: | CAKFQuwZYVes3zgoDU=FXxQxNnR8A1D4wtge8n0wnj9kUeLpcZA@mail.gmail.com |
| Lists: | pgsql-bugs |
On Tue, May 5, 2026 at 11:23 AM Euler Taveira <euler(at)eulerto(dot)com> wrote:
> On Tue, May 5, 2026, at 7:51 AM, Álvaro Rodríguez wrote:
> >
> > We have hit an issue with pg_dumpall --roles-only where the role grants
> > to other roles can't be reapplied in a clean database, if the bootstrap
> > superuser does not have the same name in both databases.
> >
>
> This is not a bug.
> Maybe we should
> add a sentence saying that GRANT on roles requires the same bootstrap user.
>
>
This does seem to contradict the claim in create role:

SUPERUSER
These clauses determine whether the new role is a “superuser”, who can
override all access restrictions within the database.

This at least feels like an access restriction being applied to a
superuser. IIUC, the reason the bootstrap superuser doesn't get this
applied is because as owner of all roles in a system they alone can bypass
the "with admin" privilege check.

This may not be a bug in the code but it seems a reasonable indicator that
our documentation hasn't imparted a solid mental model as to how this is
supposed to behave in the new, more locked down, regime.

I wouldn't object to giving pg_dumpall a --bootstrap-name parameter though,
to avoid having to tell people to perform string munging on its output. We
already have a --no-owner option to pg_dump, this doesn't seem all that
different. (Or --no-granted-by-on-role-grants ?) (Or make --no-owner on
pg_dumpall apply here.)

David J.
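
The "string munging" on pg_dumpall --roles-only output that the message above refers to could look like the following. This is an added example, not part of the original message or of PostgreSQL; the `GRANT ... GRANTED BY <grantor>;` line shape, the sample dump and the role names (`postgres`, `cluster_admin`, `app_owner`) are constructed assumptions.

```python
import re

# Assumed line shape: GRANT <role> TO <member> [WITH ...] GRANTED BY <grantor>;
_ROLE_GRANT = re.compile(
    r'^(GRANT\s.+\sGRANTED BY\s+)("(?:[^"]|"")*"|[^\s";]+)(\s*;)$'
)

# Constructed sample input, not real pg_dumpall output.
SAMPLE_DUMP = (
    "CREATE ROLE app_owner;\n"
    "CREATE ROLE reporting;\n"
    "GRANT app_owner TO reporting WITH INHERIT TRUE GRANTED BY postgres;\n"
    'GRANT "Audit-Team" TO app_owner WITH INHERIT TRUE GRANTED BY postgres;\n'
    "GRANT pg_monitor TO reporting WITH INHERIT FALSE GRANTED BY app_owner;\n"
)


def unquote_ident(ident):
    """Return the role name behind a possibly double-quoted SQL identifier."""
    if len(ident) >= 2 and ident[0] == '"' and ident[-1] == '"':
        return ident[1:-1].replace('""', '"')
    return ident


def quote_ident(name):
    """Always double-quote: valid for any role name and case-preserving."""
    return '"' + name.replace('"', '""') + '"'


def remap_grantor(dump_text, old_bootstrap, new_bootstrap):
    """Rewrite GRANTED BY <old_bootstrap> on role grants; return (text, count)."""
    out, changed = [], 0
    for line in dump_text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        ending = line[len(body):]
        m = _ROLE_GRANT.match(body)
        # Only the grantor token is compared, so a role or member that merely
        # shares the old name elsewhere on the line is left alone.
        if m and unquote_ident(m.group(2)) == old_bootstrap:
            body = m.group(1) + quote_ident(new_bootstrap) + m.group(3)
            changed += 1
        out.append(body + ending)
    return "".join(out), changed


if __name__ == "__main__":
    text, n = remap_grantor(SAMPLE_DUMP, "postgres", "cluster_admin")
    print(text, end="")
    print(f"-- rewrote {n} grantor clause(s)")
```

Grants recorded with a grantor other than the old bootstrap name (here `app_owner`) pass through unchanged.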