2011/2/7 Carlos Mennens <carlos.mennens@xxxxxxxxx>
On Fri, Feb 4, 2011 at 5:08 PM, Dmitriy Igrishin <dmitigr@xxxxxxxxx> wrote:So is it very bad to alter ANY of the default role attributes granted
> These all (SUPERUSER, CREATEDB, SUPERUSER) are role attributes.
> By performing ALTER ROLE postgres NOSUPERUSER it is possible to
> turn role with a superuser status into a role that just can create databases
> and manage roles (admin, but without superuser privileges).
to the 'postgres' user? I don't know if removing role attributes from
him will have negative consequences to features / functional tasks of
the PostgreSQL server / client application(s).
Nothing special in 'postgres' user from the POV of DBMS. It is just a user
with superuser attribute created when you perform initdb(1).
But please note, some OS distributives uses 'postgres' for non-interactive
access to all databases for automatic maintenance (custom daily cronjobs,
replication, and similar tasks) -- please see you pg_hba.conf file where
entry for 'postgres' user usually resides.
with superuser attribute created when you perform initdb(1).
But please note, some OS distributives uses 'postgres' for non-interactive
access to all databases for automatic maintenance (custom daily cronjobs,
replication, and similar tasks) -- please see you pg_hba.conf file where
entry for 'postgres' user usually resides.
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
--
// Dmitriy.
