Content-Type: multipart/alternative;
 boundary="------------Ygwvb0U59gvsKm00qOw2lOkF"
Message-ID: <a1b5e303-66f9-4992-9d9b-0213c1c6bef7@hot.ee>
Date: Sun, 1 Sep 2024 22:28:17 +0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: et
To: pgsql-general <pgsql-general@postgresql.org>
From: Andrus <kobruleht2@hot.ee>
Subject: How to grant role to other user
Archived-At: <https://www.postgresql.org/message-id/a1b5e303-66f9-4992-9d9b-0213c1c6bef7%40hot.ee>
Precedence: bulk

This is a multi-part message in MIME format.
--------------Ygwvb0U59gvsKm00qOw2lOkF
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

Hi!

Postgres 16 has user ingmar which is marked as superuser and has create 
role rights:

     CREATE ROLE ingmar WITH
       LOGIN
       SUPERUSER
       INHERIT
       CREATEDB
       CREATEROLE
       NOREPLICATION
       BYPASSRLS
       ENCRYPTED PASSWORD 'md5aaaaaaa790012b7aa47017f124e263d8';

     GRANT "240316_owner" TO ingmar;
     GRANT eeva_owner TO ingmar WITH ADMIN OPTION;

User ingmar creates role "ingmar.e" using

     CREATE ROLE "ingmar.e" LOGIN

and tries to grant eeva_owner role to it using

     GRANT "eeva_owner" TO "ingmar.e"

This command throws error

  ERROR: permission denied to grant role "eeva_owner"

DETAIL: Only roles with the ADMIN option on role "eeva_owner" may grant 
this role.

How user ingmar can grant role eeva_owner to user  "ingmar.e" ?

Using

PostgreSQL 16.4 (Debian 16.4-1.pgdg120+1) on x86_64-pc-linux-gnu, 
compiled by gcc (Debian 12.2.0-14) 12.2.0

Posted also in

https://stackoverflow.com/questions/78938204/how-to-grant-role-to-user

Andrus.


--------------Ygwvb0U59gvsKm00qOw2lOkF
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!DOCTYPE html>
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi!<br>
    </p>
    <p>Postgres 16 has user ingmar which is marked as superuser and has
      create role rights:<br>
      <br>
          CREATE ROLE ingmar WITH<br>
            LOGIN<br>
            SUPERUSER<br>
            INHERIT<br>
            CREATEDB<br>
            CREATEROLE<br>
            NOREPLICATION<br>
            BYPASSRLS<br>
            ENCRYPTED PASSWORD 'md5aaaaaaa790012b7aa47017f124e263d8';<br>
          <br>
          GRANT "240316_owner" TO ingmar;<br>
          GRANT eeva_owner TO ingmar WITH ADMIN OPTION;<br>
      <br>
      User ingmar creates role "ingmar.e" using<br>
      <br>
          CREATE ROLE "ingmar.e" LOGIN<br>
      <br>
      and tries to grant eeva_owner role to it using<br>
      <br>
          GRANT "eeva_owner" TO "ingmar.e"<br>
      <br>
      This command throws error<br>
      <br>
       ERROR: permission denied to grant role "eeva_owner" </p>
    <p>DETAIL: Only roles with the ADMIN option on role "eeva_owner" may
      grant this role.</p>
    <p>How user ingmar can grant role eeva_owner to user  "ingmar.e" ?<br>
      <br>
      Using <br>
      <br>
      PostgreSQL 16.4 (Debian 16.4-1.pgdg120+1) on x86_64-pc-linux-gnu,
      compiled by gcc (Debian 12.2.0-14) 12.2.0<br>
    </p>
    <p>Posted also in</p>
    <p><a class="moz-txt-link-freetext" href="https://stackoverflow.com/questions/78938204/how-to-grant-role-to-user">https://stackoverflow.com/questions/78938204/how-to-grant-role-to-user</a></p>
    <p>Andrus.<br>
    </p>
    <p><br>
    </p>
  </body>
</html>

--------------Ygwvb0U59gvsKm00qOw2lOkF--