Quick Links

Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?

From:	Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To:	Scott Ribe <scott_ribe(at)elevated-dev(dot)com>, Ron Johnson <ronljohnsonjr(at)gmail(dot)com>
Cc:	Pgsql-admin <pgsql-admin(at)lists(dot)postgresql(dot)org>
Subject:	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?
Date:	2025-07-08 12:53:03
Message-ID:	bacddcb84956a662cd3de97ce4fe32d705083dc7.camel@cybertec.at
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-admin

On Tue, 2025-07-08 at 06:16 -0600, Scott Ribe wrote:
> I don't have an answer for you, just a question out of curiosity. Is this a prelude
> to dropping the role? Thus, if it existed, DROP ROLE ... CASCADE would have worked
> for your use case?

If dropping the role is the reason why the privileges should go, the canonical
procedure is:

- connect to each database in the cluster in turn; in each:
- REASSIGN OWNED BY role_to_drop ...
to transfer ownership
- DROP OWNED BY role_to_drop
to remove owned objects *and privileges*
- DROP ROLE role_to_drop

Yours,
Laurenz Albe

In response to

Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role? at 2025-07-08 12:16:11 from Scott Ribe

Responses

Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role? at 2025-07-08 12:59:50 from Ron Johnson

Browse pgsql-admin by date

	From	Date	Subject
Next Message	Ron Johnson	2025-07-08 12:59:50	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?
Previous Message	Scott Ribe	2025-07-08 12:35:00	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?