Bill, * Bill Moran (wmoran@xxxxxxxxxxxxxxxxxxxxxxx) wrote: > In response to Bill Moran <wmoran@xxxxxxxxxxxxxxxxxxxxxxx>: > > If I have a database called db1 to which the role dumpable has enough > > permissions to do a full pg_dump, but he user joe does not, how can > > joe do a pg_dump? Is it possible? > > Apologies, I left out a key piece of information: > The role dumpable has superuser privileges, and this is the reason that > dumpable is able to dump the database. As noted in the docs, superuser, > createdb, and createrole privs don't seem to inherit. If I remove > superuser from role dumpable, that role can't do pg_dump either. I've got the exact same situation and I don't believe there's currently a way to fix it in PostgreSQL. I've been asking for this ability on -hackers and will probably come up with a patch to implement it soon. In my ideal world it'd get into 8.4 and maybe back-patched to older releases if it's not too invasive. Glad to hear I'm not alone in wanting to have this ability though. :) Thanks! Stephen
Attachment:
signature.asc
Description: Digital signature
