Description
- Only superusers (users with usesuper set in
- the pg_shadow table) can create
- invoked by someone who can connect as a
PostgreSQL- superuser.
+ new
PostgreSQL user (or more precisely, a role).
+ Only superusers and users with CREATEROLE privilege can create
+ new users, so
createuser must be
+ invoked by someone who can connect as a superuser or a user with
+ CREATEROLE privilege.
- Being a superuser also implies the ability to bypass access permission
+ If you wish to create a new superuser, you must connect as a
+ superuser, not merely with CREATEROLE privilege.
+ Being a superuser implies the ability to bypass all access permission
checks within the database, so superuserdom should not be granted lightly.
createuser is a wrapper around the
- endterm="SQL-CREATEUSER-title">.
+ endterm="SQL-CREATEROLE-title">.
There is no effective difference between creating users via
this utility and via other methods for accessing the server.
Specifies the name of the
PostgreSQL user
to be created.
- This name must be unique among all users of this
+ This name must be different from all existing roles in this
-
-
+
+
- The new user is allowed to create other users.
- (Note: Actually, this makes the new user a superuser.
- The option is poorly named.)
+ The new user will be a superuser.
-
-
+
+
- The new user is not allowed to create other users (i.e.,
- the new user is a regular user, not a superuser).
- This is the default.
+ The new user will not be a superuser.
- The new user is allowed to create databases.
+ The new user will be allowed to create databases.
- The new user is not allowed to create databases.
- This is the default.
+ The new user will not be allowed to create databases.
-
-
+
+
- Echo the commands that
createuser generates
- and sends to the server.
+ The new user will be allowed to create new roles (that is,
+ this user will have CREATEROLE privilege).
-
-
+
+
- Encrypts the user's password stored in the database. If not
- specified, the default password behavior is used.
+ The new user will not be allowed to create new roles.
-
-
+
+
- Allows you to pick a non-default user ID for the new user. This is not
- necessary, but some people like it.
+ The new user will be allowed to log in (that is, the user name
+ can be used as the initial session user identifier).
+ This is the default.
-
-
+
+
- Does not encrypt the user's password stored in the database. If
- not specified, the default password behavior is used.
+ The new user will not be allowed to log in.
+ (A role without login privilege is still useful as a means of
+ managing database permissions.)
+
+
+
+
+
+
+
+
+ The new role will automatically inherit privileges of roles
+ it is a member of.
+ This is the default.
+
+
+
+
+
+
+
+
+ The new role will not automatically inherit privileges of roles
+ it is a member of.
+
+
+
+
+
+
+
+
+ Set a maximum number of connections for the new user.
+ The default is to set no limit.
+
+
+
+
+ Encrypts the user's password stored in the database. If not
+ specified, the default password behavior is used.
+
+
+
+
+
+
+
+
+ Does not encrypt the user's password stored in the database. If
+ not specified, the default password behavior is used.
+
+
+
+
+
+
+
+
+ Echo the commands that
createuser generates
+ and sends to the server.
+
+
+
+
- Specifies the host name of the machine on which the
- server
- is running. If the value begins with a slash, it is used
- as the directory for the Unix domain socket.
+ Specifies the host name of the machine on which the
+ server
+ is running. If the value begins with a slash, it is used
+ as the directory for the Unix domain socket.
- Specifies the TCP port or local Unix domain socket file
- extension on which the server
- is listening for connections.
+ Specifies the TCP port or local Unix domain socket file
+ extension on which the server
+ is listening for connections.
Diagnostics
- In case of difficulty, see USER"
- endterm="sql-createuser-title"> and for
+ In case of difficulty, see ROLE"
+ endterm="sql-createrole-title"> and for
discussions of potential problems and error messages.
The database server must be running at the
targeted host. Also, any default connection settings and environment
server:
-Shall the new user be allowed to create databases? (y/n) n
-Shall the new user be allowed to create more new users? (y/n) n
+Shall the new role be a superuser? (y/n) n
+Shall the new role be allowed to create databases? (y/n) n
+Shall the new role be allowed to create more new roles? (y/n) n
CREATE USER
server on host eden, port 5000, avoiding the prompts and
taking a look at the underlying command:
-
$ createuser -h eden -p 5000 -D -A -e joe-CREATE USER joe NOCREATEDB NOCREATEUSER;
-CREATE USER
+
$ createuser -h eden -p 5000 -S -D -R -e joe+CREATE ROLE joe NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;
+CREATE ROLE
To create the user joe as a superuser,
and assign a password immediately:
-
$ createuser -P -d -a -e joe-Enter password for new user: xyzzy
+
$ createuser -P -s -e joe+Enter password for new role: xyzzy
Enter it again: xyzzy
-CREATE USER joe PASSWORD 'xyzzy' CREATEDB CREATEUSER;
-CREATE USER
+CREATE ROLE joe PASSWORD 'xyzzy' SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN;
+CREATE ROLE
In the above example, the new password isn't actually echoed when typed,
but we show what was typed for clarity. However the password
- user" endterm="sql-createuser-title">
+ role" endterm="sql-createrole-title">
Environment Variables ()
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.17 2005/06/21 04:02:33 tgl Exp $
+ * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.18 2005/08/14 20:16:03 tgl Exp $
*
*-------------------------------------------------------------------------
*/
{"quiet", no_argument, NULL, 'q'},
{"createdb", no_argument, NULL, 'd'},
{"no-createdb", no_argument, NULL, 'D'},
+ {"superuser", no_argument, NULL, 's'},
+ {"no-superuser", no_argument, NULL, 'S'},
+ {"createrole", no_argument, NULL, 'r'},
+ {"no-createrole", no_argument, NULL, 'R'},
+ {"inherit", no_argument, NULL, 'i'},
+ {"no-inherit", no_argument, NULL, 'I'},
+ {"login", no_argument, NULL, 'l'},
+ {"no-login", no_argument, NULL, 'L'},
+ /* adduser is obsolete, undocumented spelling of superuser */
{"adduser", no_argument, NULL, 'a'},
{"no-adduser", no_argument, NULL, 'A'},
- {"sysid", required_argument, NULL, 'i'},
+ {"conn-limit", required_argument, NULL, 'c'},
{"pwprompt", no_argument, NULL, 'P'},
{"encrypted", no_argument, NULL, 'E'},
{"unencrypted", no_argument, NULL, 'N'},
bool echo = false;
bool quiet = false;
int createdb = 0;
- int adduser = 0;
- char *sysid = NULL;
+ int superuser = 0;
+ int createrole = 0;
+ int inherit = 0;
+ int login = 0;
+ char *conn_limit = NULL;
bool pwprompt = false;
int encrypted = 0; /* 0 uses server default */
char *newpassword = NULL;
handle_help_version_opts(argc, argv, "createuser", help);
- while ((c = getopt_long(argc, argv, "h:p:U:WeqaAdDi:PEN", long_options, &optindex)) != -1)
+ while ((c = getopt_long(argc, argv, "h:p:U:WeqdDsSaArRiIlLc:PEN",
+ long_options, &optindex)) != -1)
{
switch (c)
{
case 'q':
quiet = true;
break;
- case 'a':
- adduser = +1;
- break;
- case 'A':
- adduser = -1;
- break;
case 'd':
createdb = +1;
break;
case 'D':
createdb = -1;
break;
+ case 's':
+ case 'a':
+ superuser = +1;
+ break;
+ case 'S':
+ case 'A':
+ superuser = -1;
+ break;
+ case 'r':
+ createrole = +1;
+ break;
+ case 'R':
+ createrole = -1;
+ break;
case 'i':
- sysid = optarg;
+ inherit = +1;
+ break;
+ case 'I':
+ inherit = -1;
+ break;
+ case 'l':
+ login = +1;
+ break;
+ case 'L':
+ login = -1;
+ break;
+ case 'c':
+ conn_limit = optarg;
break;
case 'P':
pwprompt = true;
exit(1);
}
- if (sysid)
- {
- char *endptr;
-
- if (strtol(sysid, &endptr, 10) <= 0 || *endptr != '\0')
- {
- fprintf(stderr, _("%s: user ID must be a positive number\n"), progname);
- exit(1);
- }
- }
-
if (newuser == NULL)
- newuser = simple_prompt("Enter name of user to add: ", 128, true);
+ newuser = simple_prompt("Enter name of role to add: ", 128, true);
if (pwprompt)
{
char *pw1,
*pw2;
- pw1 = simple_prompt("Enter password for new user: ", 100, false);
+ pw1 = simple_prompt("Enter password for new role: ", 100, false);
pw2 = simple_prompt("Enter it again: ", 100, false);
if (strcmp(pw1, pw2) != 0)
{
free(pw2);
}
+ if (superuser == 0)
+ {
+ char *reply;
+
+ reply = simple_prompt("Shall the new role be a superuser? (y/n) ", 1, true);
+ if (check_yesno_response(reply) == 1)
+ superuser = +1;
+ else
+ superuser = -1;
+ }
+
+ if (superuser == +1)
+ {
+ /* Not much point in trying to restrict a superuser */
+ createdb = +1;
+ createrole = +1;
+ }
+
if (createdb == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create databases? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create databases? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
createdb = +1;
else
createdb = -1;
}
- if (adduser == 0)
+ if (createrole == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create more new users? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create more new roles? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
- adduser = +1;
+ createrole = +1;
else
- adduser = -1;
+ createrole = -1;
+ }
+
+ if (inherit == 0)
+ {
+ /* silently default to YES */
+ inherit = +1;
+ }
+
+ if (login == 0)
+ {
+ /* silently default to YES */
+ login = +1;
}
initPQExpBuffer(&sql);
- printfPQExpBuffer(&sql, "CREATE USER %s", fmtId(newuser));
- if (sysid)
- appendPQExpBuffer(&sql, " SYSID %s", sysid);
+ printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
if (newpassword)
{
if (encrypted == +1)
appendPQExpBuffer(&sql, " PASSWORD ");
appendStringLiteral(&sql, newpassword, false);
}
+ if (superuser == +1)
+ appendPQExpBuffer(&sql, " SUPERUSER");
+ if (superuser == -1)
+ appendPQExpBuffer(&sql, " NOSUPERUSER");
if (createdb == +1)
appendPQExpBuffer(&sql, " CREATEDB");
if (createdb == -1)
appendPQExpBuffer(&sql, " NOCREATEDB");
- if (adduser == +1)
- appendPQExpBuffer(&sql, " CREATEUSER");
- if (adduser == -1)
- appendPQExpBuffer(&sql, " NOCREATEUSER");
+ if (createrole == +1)
+ appendPQExpBuffer(&sql, " CREATEROLE");
+ if (createrole == -1)
+ appendPQExpBuffer(&sql, " NOCREATEROLE");
+ if (inherit == +1)
+ appendPQExpBuffer(&sql, " INHERIT");
+ if (inherit == -1)
+ appendPQExpBuffer(&sql, " NOINHERIT");
+ if (login == +1)
+ appendPQExpBuffer(&sql, " LOGIN");
+ if (login == -1)
+ appendPQExpBuffer(&sql, " NOLOGIN");
+ if (conn_limit != NULL)
+ appendPQExpBuffer(&sql, " CONNECTION LIMIT %s", conn_limit);
appendPQExpBuffer(&sql, ";\n");
conn = connectDatabase("postgres", host, port, username, password, progname);
if (PQresultStatus(result) != PGRES_COMMAND_OK)
{
- fprintf(stderr, _("%s: creation of new user failed: %s"),
+ fprintf(stderr, _("%s: creation of new role failed: %s"),
progname, PQerrorMessage(conn));
PQfinish(conn);
exit(1);
PQfinish(conn);
if (!quiet)
{
- puts("CREATE USER");
+ puts("CREATE ROLE");
fflush(stdout);
}
exit(0);
static void
help(const char *progname)
{
- printf(_("%s creates a new PostgreSQL user.\n\n"), progname);
+ printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
printf(_("Usage:\n"));
printf(_(" %s [OPTION]... [USERNAME]\n"), progname);
printf(_("\nOptions:\n"));
- printf(_(" -a, --adduser user can add new users\n"));
- printf(_(" -A, --no-adduser user cannot add new users\n"));
- printf(_(" -d, --createdb user can create new databases\n"));
- printf(_(" -D, --no-createdb user cannot create databases\n"));
- printf(_(" -P, --pwprompt assign a password to new user\n"));
+ printf(_(" -s, --superuser role will be superuser\n"));
+ printf(_(" -S, --no-superuser role will not be superuser\n"));
+ printf(_(" -d, --createdb role can create new databases\n"));
+ printf(_(" -D, --no-createdb role cannot create databases\n"));
+ printf(_(" -r, --createrole role can create new roles\n"));
+ printf(_(" -R, --no-createrole role cannot create roles\n"));
+ printf(_(" -l, --login role can login (default)\n"));
+ printf(_(" -L, --no-login role cannot login\n"));
+ printf(_(" -i, --inherit role inherits permissions of roles\n"));
+ printf(_(" it is a member of (default)\n"));
+ printf(_(" -I, --no-inherit role does not inherit permissions\n"));
+ printf(_(" -c, --conn-limit=N max connections for role (default: no limit)\n"));
+ printf(_(" -P, --pwprompt assign a password to new role\n"));
printf(_(" -E, --encrypted encrypt stored password\n"));
printf(_(" -N, --unencrypted do not encrypt stored password\n"));
- printf(_(" -i, --sysid=SYSID select sysid for new user\n"));
printf(_(" -e, --echo show the commands being sent to the server\n"));
printf(_(" -q, --quiet don't write any messages\n"));
printf(_(" --help show this help, then exit\n"));
printf(_(" -p, --port=PORT database server port\n"));
printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
printf(_(" -W, --password prompt for password to connect\n"));
- printf(_("\nIf one of -a, -A, -d, -D, and USERNAME is not specified, you will\n"
- "be prompted interactively.\n"));
+ printf(_("\nIf one of -s, -S, -d, -D, -r, -R and USERNAME is not specified,\n"
+ "you will be prompted interactively.\n"));
printf(_("\nReport bugs to
.\n")); }
projects / postgresql.git / commitdiff