Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
Postgres FD Implementation
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Abuhujair Javed
Postgres FD Implementation
Commits
41273476
Commit
41273476
authored
Oct 13, 2005
by
Tom Lane
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improve documentation about CREATEROLE privilege.
parent
35c89833
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
22 additions
and
7 deletions
+22
-7
doc/src/sgml/ref/grant.sgml
doc/src/sgml/ref/grant.sgml
+7
-3
doc/src/sgml/user-manag.sgml
doc/src/sgml/user-manag.sgml
+15
-4
No files found.
doc/src/sgml/ref/grant.sgml
View file @
41273476
<!--
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.4
8 2005/07/26 23:24:02
tgl Exp $
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.4
9 2005/10/13 23:26:00
tgl Exp $
PostgreSQL documentation
-->
...
...
@@ -293,8 +293,12 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
<para>
If <literal>WITH ADMIN OPTION</literal> is specified, the member may
in turn grant membership in the role to others. Without the admin
option, the recipient cannot do that.
in turn grant membership in the role to others, and revoke membership
in the role as well. Without the admin option, ordinary users cannot do
that. However,
database superusers can grant or revoke membership in any role to anyone.
Roles having <literal>CREATEROLE</> privilege can grant or revoke
membership in any role that is not a superuser.
</para>
</refsect2>
</refsect1>
...
...
doc/src/sgml/user-manag.sgml
View file @
41273476
<!--
$PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.3
0 2005/08/14 23:35:37
tgl Exp $
$PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.3
1 2005/10/13 23:26:00
tgl Exp $
-->
<chapter id="user-manag">
...
...
@@ -203,9 +203,10 @@ CREATE USER <replaceable>name</replaceable>;
checks). To create such a role, use <literal>CREATE ROLE
<replaceable>name</replaceable> CREATEROLE</literal>.
A role with <literal>CREATEROLE</> privilege can alter and drop
other roles, too. However, to alter or drop a superuser role,
superuser status is required; <literal>CREATEROLE</> is not sufficient
for that.
other roles, too, as well as grant or revoke membership in them.
However, to create, alter, drop, or change membership of a
superuser role, superuser status is required;
<literal>CREATEROLE</> is not sufficient for that.
</para>
</listitem>
</varlistentry>
...
...
@@ -234,6 +235,16 @@ CREATE USER <replaceable>name</replaceable>;
endterm="sql-alterrole-title"> commands for details.
</para>
<tip>
<para>
It is good practice to create a role that has the <literal>CREATEDB</>
and <literal>CREATEROLE</> privileges, but is not a superuser, and then
use this role for all routine management of databases and roles. This
approach avoids the dangers of operating as a superuser for tasks that
do not really require it.
</para>
</tip>
<para>
A role can also have role-specific defaults for many of the run-time
configuration settings described in <xref
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
