Search Postgresql Archives

ALTER DEFAULT PRIVILEGES FOR ROLE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

After a database was updated by the application, a schema dump showed the following default privilege statements:

--
-- Name: DEFAULT PRIVILEGES FOR SEQUENCES; Type: DEFAULT ACL; Schema: public; Owner: gitlab_dbo
--

ALTER DEFAULT PRIVILEGES FOR ROLE <dbowner> IN SCHEMA public REVOKE ALL ON SEQUENCES  FROM <dbowner>;
ALTER DEFAULT PRIVILEGES FOR ROLE <dbowner> IN SCHEMA public GRANT SELECT,USAGE ON SEQUENCES  TO <appuser>;


--
-- Name: DEFAULT PRIVILEGES FOR TABLES; Type: DEFAULT ACL; Schema: public; Owner: <dbowner>
--

ALTER DEFAULT PRIVILEGES FOR ROLE <dbowner> IN SCHEMA public REVOKE ALL ON TABLES  FROM <dbowner>;
ALTER DEFAULT PRIVILEGES FOR ROLE <dbowner> IN SCHEMA public GRANT SELECT,INSERT,DELETE,UPDATE ON TABLES  TO <appuser>;

Why would you want to revoke all privileges from the dbowner?
It actually had granted the privileges to PUBLIC, but I revoked those privileges & changed it to the app account.


What is the difference between these statements?:
ALTER DEFAULT PRIVILEGES FOR ROLE <dbowner> IN SCHEMA public GRANT ...  TO <appuser>;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ... TO <appuser>;



Karin Hilbert
Database Specialist
Administrative Information Services
Pennsylvania State University
25 Shields Bldg., University Park, PA  16802
Work - 814-863-3633
Email - ioh1@xxxxxxx
IM - ioh1@xxxxxxxxxxxx

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux