Re: Backward compat issue with v16 around ROLEs

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Adrian Klaver <[email protected]>
To: Dominique Devienne <[email protected]>
To: [email protected]
Subject: Re: Backward compat issue with v16 around ROLEs
Date: Wed, 11 Sep 2024 08:09:13 -0700
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAFCRh-8+PGGTuqg=rSKA533D0dqYAgq69UzSqMm67VEW02nZyQ@mail.gmail.com>
References: <CAFCRh-8+PGGTuqg=rSKA533D0dqYAgq69UzSqMm67VEW02nZyQ@mail.gmail.com>

On 9/11/24 07:41, Dominique Devienne wrote:
> Hi. I'm going around in circles trying to solve an issue with our

> on v16:
> 
> D:\pdgm\trunk\psc2>psql service=pau16
> psql (17beta3, server 16.1)
> Type "help" for help.
> 
> ddevienne=> create role dd_owner createrole;
> CREATE ROLE
> ddevienne=> create role dd_admin noinherit;
> CREATE ROLE
> ddevienne=> grant dd_owner to dd_admin;
> GRANT ROLE
> ddevienne=> set role dd_owner;
> ERROR:  permission denied to set role "dd_owner"
> ddevienne=> grant dd_owner to current_user;
> GRANT ROLE
> ddevienne=> set role dd_owner;
> SET
> ddevienne=> create role dd_user;
> CREATE ROLE
> ddevienne=> grant dd_admin to dd_user;
> ERROR:  permission denied to grant role "dd_admin"
> DETAIL:  Only roles with the ADMIN option on role "dd_admin" may grant
> this role.
> ddevienne=>
> 
> 

What user did you do the above as?

On my Postgres 16.4 instance logged in as postgres:

test=# create role dd_owner createrole;
CREATE ROLE
test=# create role dd_admin noinherit;
CREATE ROLE
test=# grant dd_owner to dd_admin;
GRANT ROLE
test=# set role dd_owner;
SET
test=> grant dd_owner to current_user;
ERROR:  permission denied to grant role "dd_owner"
DETAIL:  Only roles with the ADMIN option on role "dd_owner" may grant 
this role.
test=> create role dd_user;
CREATE ROLE
test=> grant dd_admin to dd_user;
ERROR:  permission denied to grant role "dd_admin"
DETAIL:  Only roles with the ADMIN option on role "dd_admin" may grant 
this role.

-- 
Adrian Klaver
[email protected]

view thread (15+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected]
  Subject: Re: Backward compat issue with v16 around ROLEs
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox