create_user.sgml

<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_user.sgml,v 1.13 2000/01/14 22:11:32 petere Exp $
Postgres documentation
-->

<refentry id="SQL-CREATEUSER">
 <refmeta>
  <refentrytitle id="sql-createuser-title">
   CREATE USER
  </refentrytitle>
  <refmiscinfo>SQL - Language Statements</refmiscinfo>
 </refmeta>
 <refnamediv>
  <refname>
   CREATE USER
  </refname>
  <refpurpose>
   Creates a new database user
  </refpurpose>
 </refnamediv>
 <refsynopsisdiv>
  <refsynopsisdivinfo>
   <date>1999-07-20</date>
  </refsynopsisdivinfo>
  <synopsis>
CREATE USER <replaceable class="PARAMETER">username</replaceable>
    [ WITH
     [ SYSID <replaceable class="PARAMETER">uid</replaceable> ]
     [ PASSWORD '<replaceable class="PARAMETER">password</replaceable>' ] ]
    [ CREATEDB   | NOCREATEDB ] [ CREATEUSER | NOCREATEUSER ]
    [ IN GROUP     <replaceable class="PARAMETER">groupname</replaceable> [, ...] ]
    [ VALID UNTIL  '<replaceable class="PARAMETER">abstime</replaceable>' ]
  </synopsis>
  
  <refsect2 id="R2-SQL-CREATEUSER-1">
   <refsect2info>
    <date>1998-09-21</date>
   </refsect2info>
   <title>
    Inputs
   </title>
   <para>

    <variablelist>
     <varlistentry>
      <term><replaceable class="parameter">username</replaceable></term>
      <listitem>
       <para>
	The name of the user.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term><replaceable class="parameter">uid</replaceable></term>
      <listitem>
       <para>
        The <literal>SYSID</literal> clause can be used to choose
        the <productname>PostgreSQL</productname> user id of the user
        that is being created. It is not at all necessary that those
        match the <acronym>UNIX</acronym> user ids, but some people
        choose to keep the numbers the same.
       </para>
       <para>
        If this is not specified, the highest assigned user id plus one
        will be used as default.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term><replaceable class="parameter">password</replaceable></term>
      <listitem>
       <para>
        Sets the user's password. If you do not plan to use password
        authentication you can omit this option, otherwise the user
        won't be able to connect to a password-authenticated server.
        See pg_hba.conf(5) or the administrator's guide for details on
        how to set up authentication mechanisms.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term>CREATEDB</term>
      <term>NOCREATEDB</term>
      <listitem>
       <para> 
	These clauses define a user's ability to create databases.
	If CREATEDB is specified, the user being defined will
	be allowed to create his own databases. Using NOCREATEDB
	will deny a user the ability to create databases. If this
	clause is omitted,  NOCREATEDB is used by default.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term>CREATEUSER</term>
      <term>NOCREATEUSER</term>
      <listitem>
       <para>
	These clauses determine whether a user will be permitted to
	create new users himself. This option will also make the user
        a superuser who can override all access restrictions.
	Omitting this clause will set the user's value of this
	attribute to be NOCREATEUSER.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term><replaceable class="parameter">groupname</replaceable></term>
      <listitem>
       <para>
	A name of a group into which to insert the user as a new member.
       </para>
      </listitem>
     </varlistentry>

     <varlistentry>
      <term><replaceable class="parameter">abstime</replaceable></term>
      <listitem>
       <para>
	The VALID UNTIL clause sets an absolute time after which the
	user's password is no longer valid. 
	If this clause is omitted the login will be valid for all time.
       </para>
      </listitem>
     </varlistentry>
    </variablelist>
   </para>
  </refsect2>
  
  <refsect2 id="R2-SQL-CREATEUSER-2">
   <refsect2info>
    <date>1998-09-21</date>
   </refsect2info>
   <title>
    Outputs
   </title>

   <para>
    <variablelist>
     <varlistentry>
      <term><computeroutput>CREATE USER</computeroutput></term>
      <listitem>
       <para>
	Message returned if the command completes successfully.
       </para>
      </listitem>
     </varlistentry>
    </variablelist>
   </para>
  </refsect2>
 </refsynopsisdiv>

 <refsect1 id="R1-SQL-CREATEUSER-1">
  <refsect1info>
   <date>1998-09-21</date>
  </refsect1info>
  <title>
   Description
  </title>
  <para>
   CREATE USER will add a new user to an instance of 
   <productname>PostgreSQL</productname>. Refer to the adminstrator's
   guide for information about managing users and authentication.
   You must be a database superuser to use this command.
  </para>
  <para>
   Use <xref linkend="SQL-ALTERUSER" endterm="SQL-ALTERUSER-title">
   to change a user's password and privileges, and <xref linkend="SQL-DROPUSER"
   endterm="SQL-DROPUSER-title"> to remove a user.
   Use <command>ALTER GROUP</command> to add or remove the user from other groups.
   <productname>PostgreSQL</productname>
   comes with a script <xref linkend="APP-CREATEUSER"
   endterm="APP-CREATEUSER-title">
   which has the same functionality as this command (in fact, it calls this command)
   but can be run from the command shell.
  </para>  
 </refsect1> 
 <refsect1 id="R1-SQL-CREATEUSER-2">
  <title>
   Usage
  </title>
  <para>
   Create a user with no password:
<programlisting>
CREATE USER jonathan
</programlisting>
  </para>

  <para>
   Create a user with a password:
<programlisting>
CREATE USER davide WITH PASSWORD 'jw8s0F4'
</programlisting>
  </para>

  <para>
   Create a user with a password, whose account is valid until the end of 2001.
   Note that after one second has ticked in 2002, the account is not
   valid:

<programlisting>
CREATE USER miriam WITH PASSWORD 'jw8s0F4' VALID UNTIL 'Jan 1 2002'
</programlisting>
  </para>

  <para> 
   Create an account where the user can create databases:
<programlisting>
CREATE USER manuel WITH PASSWORD 'jw8s0F4' CREATEDB
</programlisting>
  </para>
 </refsect1>
 
 <refsect1 id="R1-SQL-CREATEUSER-3">
  <title>
   Compatibility
  </title>
  
  <refsect2 id="R2-SQL-CREATEUSER-4">
   <refsect2info>
    <date>1998-09-21</date>
   </refsect2info>
   <title>
    SQL92
   </title>

   <para>
    There is no <command>CREATE USER</command> statement in SQL92.
   </para>
  </refsect2>
 </refsect1>
</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:nil
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:"../reference.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:"/usr/lib/sgml/catalog"
sgml-local-ecat-files:nil
End:
-->