PostgreSQL: Role (user, group, member relationship, inheritance)

Super User: similar to SA, root, sysdba of other systems

The name of the first superuser created during initdb.exe Initialization is the same as the OS account used for executing initdb.exe.

Oid of the first superuser = 10

Superuser is not controlled by the object permission system of ipvsq. It can do anything in the system! Dangerous !!

 

Owner of the object: a special role

• The permission system of an object is a limited set of permissions on the object, but some permissions cannot be granted or revoke. This is what the owner features: the permissions that many common users do not possess.
• The owner permission can be transferred by a superuser.

 

PostgreSQL does not differentiate users and groups since 8.1. All are called role roles.

• Role is irrelevant to the database.
• Role is the set of permissions.
• Role can cross, inherit from, and be granted object permissions.

 

Special public roles: Public roles belonging to all role

• Create role role_name [Login createdb super iherit...]
• Create user role_name equals create role role_name Login
• Drop role
• Grant {All | priviliges} on object to role_name
• Revoke {All | priviliges} on object from role_name