Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sjzaR-006SVq-4X for pgsql-general@arkaria.postgresql.org; Fri, 30 Aug 2024 11:14:39 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1sjzaO-00211A-Cs for pgsql-general@arkaria.postgresql.org; Fri, 30 Aug 2024 11:14:36 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sjzaN-002109-UZ for pgsql-general@lists.postgresql.org; Fri, 30 Aug 2024 11:14:36 +0000 Received: from mail-vs1-xe2c.google.com ([2607:f8b0:4864:20::e2c]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sjzaH-002Eo3-7w for pgsql-general@lists.postgresql.org; Fri, 30 Aug 2024 11:14:35 +0000 Received: by mail-vs1-xe2c.google.com with SMTP id ada2fe7eead31-498de7a11b9so494292137.2 for ; Fri, 30 Aug 2024 04:14:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1725016468; x=1725621268; darn=lists.postgresql.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=EmO1WuC41VSWxlrkCJae1bQBCGXLBqyIWHfL713LnHU=; b=dzxJRiPnoNlE68R39vuwhgHaIe9DO8wO0/YBH/xxEwDj9UgH9xtfLk2PnmQKqqrUiH KznQAd7BYxv7ZYpBR3l02r2FZiRsfHwXMT71mrz36FKWy72kkjOEBQsq9WcBn6kXPOx6 9OPmzyqx8DDg7HNSDFWEmPglC6PzNrz+JcZ3Sk79J+KtXopz6inZLdP9EArYJtTlHmyM Ocfp5M2suJyhfjhAiDyQF3Bj0sMVyhs45Gcgahq+Yr3iMVQW/jlXcpHh52kQdHxx82ow kjoJorF3A3XS92TF6q5rEFN9o4nlej1ETOUMtXN5IR9VE1TACdhqhdMJc6GqZKvQPq8E 0bjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725016468; x=1725621268; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=EmO1WuC41VSWxlrkCJae1bQBCGXLBqyIWHfL713LnHU=; b=QPylPBF4UUTyid28Atas4XhXWkO0WncCWYt5MDIrLg/lohEJk2Sw9/GCY1cngsk2j/ 32cgNuOcnljvaCQIx+pNmywhs2vwLTyukxBzbFfQvbcLM4xWbUiWB+dYAhDJ9Qpl7U9I LOlzTtF6ZgmQfFLToTe90tYWyLqhzKkfMW66AI2qGBxctF9+Gjp9sxHz6i4sKNnUqqW5 zxYi/K3RuIRlh37He1s9dbnZz53DEWXzuXrOT27FKpJjd7SUxfkJ0R0k6JBdhQUZaHpF aCITX7vM1tuh8QEfy9uGBIG3Q6Xx8eApTsZoCSBKnwo2lWjh+X6zAV3zZTsvDJgnT0w7 SJUQ== X-Gm-Message-State: AOJu0YxRRkVixF9jRkI3L2LSlVVAFLQdti6rmb5S5fONQPnBDdjCzY43 k6LI39lEZZ+l4do3AvkAAcOivoAffMEihgwhT3NAsM/cmtAXz/MbpJv+SHzRMZShvbw7fHeSHwk esPT22vGI8ys1kr5wD9UMeqSDVuhKtSzO X-Google-Smtp-Source: AGHT+IHoWUWnbElB1DXUybOehMMebHFPN4uEp1v56Dt/ZgdzeN/JCZEFckvGWWe73Hic7BSzo89fzZplyXBtl+UK59M= X-Received: by 2002:a05:6102:32cb:b0:492:aaae:835d with SMTP id ada2fe7eead31-49a5abe0c32mr7694631137.0.1725016463330; Fri, 30 Aug 2024 04:14:23 -0700 (PDT) MIME-Version: 1.0 From: Atul Kumar Date: Fri, 30 Aug 2024 16:44:12 +0530 Message-ID: Subject: default privileges are npt working To: pgsql-general Content-Type: multipart/alternative; boundary="0000000000008769b00620e4b118" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --0000000000008769b00620e4b118 Content-Type: text/plain; charset="UTF-8" Hi, I have a postgres instance running on version 15 in centos7. I have created a custom database and revoked all public privileges from that database. Then I have created a custom schema in that custom database. Now I have created one writer *user* and one reader *user *by postgres superuser and then granted connect privileges on the database. Then I have given all privileges of schema level and table level to the writer *user *so that it can create tables and insert data in the tables in that schema. And for reader *user * I have granted usage only privileges on schema level and select privileges on table level so that it can only read the data of tables. Then I granted default "select" privileges to reader *user *to read data of all tables created by writer *user* using below command: alter default privileges in schema grant select on tables to . but when I am connected to the reader user I am not able to read the data inserted by the writer *user* and getting permission denied error. I can only see the list of tables created by the writer user, not the data. Am I missing something here? Please let me know. *My Goal: To read the data by reader user inserted by writer user.* Regards. --0000000000008769b00620e4b118 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

I have a postgres instance running = on version 15 in centos7.

I have created a custom = database and revoked all public privileges from that database.
Then I have created a custom schema in that custom database.

Now I have created one writer=C2=A0user and one reader user by postgres superuser and then granted= connect privileges on the database.

Then I have g= iven all privileges=C2=A0of schema level and table level to the writer=C2= =A0user so that it can crea= te tables and insert data in the tables in that schema.
And for reader=C2=A0user=C2=A0 I have gra= nted usage only privileges on schema level and select privileges on table l= evel so that it can only read the data of tables.

= Then I granted default "select" privileges to reader=C2=A0u= ser to read data of all tables created by writer=C2=A0user=C2=A0using below command:

alter default=C2=A0privileges in schema <custom schema> grant selec= t on tables to <reader user>.

but when I am = connected to the reader=C2=A0user I am not able to read the data inserted= =C2=A0by the writer=C2=A0user and getting permission=C2=A0denied error.
I can only see the list of tables created by the writer user, = not the data.

Am I missing something here? Please= =C2=A0let me know.

My Goal: To read the data by= reader user inserted=C2=A0by writer user.

Regards.
--0000000000008769b00620e4b118--