Thread

Commits

  1. Clarify that CREATEROLE roles are considered Administrators

  1. [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Michael Banck <michael.banck@credativ.de> — 2020-11-27T22:49:59Z

    Hi,
    
    https://www.postgresql.org/docs/current/default-roles.html mentions the
    "Administrator" several times, but does not specify it further. I
    understand that it is mentioned elsewhere [1], but I think it would be
    beneficial to remind the reader on that page at least once that
    "Administrators" includes "roles with the CREATEROLE privilege" in the
    context of GRANTing and REVOKEing default privileges, e.g. with the
    attached patch.
    
    
    Michael
    
    [1] e.g. at https://www.postgresql.org/docs/current/sql-createrole.html
    it is mentioned that CREATEROLE privs can be regarded as "almost-superuser-roles"
    
    -- 
    Michael Banck
    Projektleiter / Senior Berater
    Tel.: +49 2166 9901-171
    Fax:  +49 2166 9901-100
    Email: michael.banck@credativ.de
    
    credativ GmbH, HRB Mönchengladbach 12080
    USt-ID-Nummer: DE204566209
    Trompeterallee 108, 41189 Mönchengladbach
    Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer
    
    Unser Umgang mit personenbezogenen Daten unterliegt
    folgenden Bestimmungen: https://www.credativ.de/datenschutz
    
  2. Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Masahiko Sawada <sawada.mshk@gmail.com> — 2020-12-28T11:41:19Z

    Hi Michael,
    
    On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote:
    >
    > Hi,
    >
    > https://www.postgresql.org/docs/current/default-roles.html mentions the
    > "Administrator" several times, but does not specify it further. I
    > understand that it is mentioned elsewhere [1], but I think it would be
    > beneficial to remind the reader on that page at least once that
    > "Administrators" includes "roles with the CREATEROLE privilege" in the
    > context of GRANTing and REVOKEing default privileges, e.g. with the
    > attached patch.
    >
    
    You sent in your patch, default-roles-createrole.patch to
    pgsql-hackers on Nov 28, but you did not post it to the next
    CommitFest[1].  If this was intentional, then you need to take no
    action.  However, if you want your patch to be reviewed as part of the
    upcoming CommitFest, then you need to add it yourself before
    2021-01-01 AoE[2]. Thanks for your contributions.
    
    Regards,
    
    [1] https://commitfest.postgresql.org/31/
    [2] https://en.wikipedia.org/wiki/Anywhere_on_Earth
    
    -- 
    Masahiko Sawada
    EnterpriseDB:  https://www.enterprisedb.com/
    
    
    
    
  3. Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Michael Banck <michael.banck@credativ.de> — 2020-12-31T15:05:20Z

    Hi,
    
    Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada:
    > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote:
    > > https://www.postgresql.org/docs/current/default-roles.html mentions the
    > > "Administrator" several times, but does not specify it further. I
    > > understand that it is mentioned elsewhere [1], but I think it would be
    > > beneficial to remind the reader on that page at least once that
    > > "Administrators" includes "roles with the CREATEROLE privilege" in the
    > > context of GRANTing and REVOKEing default privileges, e.g. with the
    > > attached patch.
    > > 
    > 
    > You sent in your patch, default-roles-createrole.patch to
    > pgsql-hackers on Nov 28, but you did not post it to the next
    > CommitFest[1].  If this was intentional, then you need to take no
    > action.  However, if you want your patch to be reviewed as part of the
    > upcoming CommitFest, then you need to add it yourself before
    > 2021-01-01 AoE[2]. Thanks for your contributions.
    
    Thanks for reminding me, I've done so now[1].
    
    
    Michael
    
    [1] https://commitfest.postgresql.org/31/2921/
    
    -- 
    Michael Banck
    Projektleiter / Senior Berater
    Tel.: +49 2166 9901-171
    Fax:  +49 2166 9901-100
    Email: michael.banck@credativ.de
    
    credativ GmbH, HRB Mönchengladbach 12080
    USt-ID-Nummer: DE204566209
    Trompeterallee 108, 41189 Mönchengladbach
    Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer
    
    Unser Umgang mit personenbezogenen Daten unterliegt
    folgenden Bestimmungen: https://www.credativ.de/datenschutz
    
    
    
    
    
  4. Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Robert Treat <rob@xzilla.net> — 2021-02-23T06:18:50Z

    On Thu, Dec 31, 2020 at 10:05 AM Michael Banck
    <michael.banck@credativ.de> wrote:
    >
    > Hi,
    >
    > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada:
    > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote:
    > > > https://www.postgresql.org/docs/current/default-roles.html mentions the
    > > > "Administrator" several times, but does not specify it further. I
    > > > understand that it is mentioned elsewhere [1], but I think it would be
    > > > beneficial to remind the reader on that page at least once that
    > > > "Administrators" includes "roles with the CREATEROLE privilege" in the
    > > > context of GRANTing and REVOKEing default privileges, e.g. with the
    > > > attached patch.
    > > >
    
    Took look at the wording and +1 from me on the proposed change. FWIW,
    I believe the preceding sentence would be more grammatically correct
    if the word "which" was replaced with "that", ie. PostgreSQL provides
    a set of default roles /that/ provide access to certain, commonly
    needed, privileged capabilities and information.
    
    Robert Treat
    https://xzilla.net
    
    
    
    
  5. Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Magnus Hagander <magnus@hagander.net> — 2021-03-06T17:12:50Z

    On Tue, Feb 23, 2021 at 7:19 AM Robert Treat <rob@xzilla.net> wrote:
    >
    > On Thu, Dec 31, 2020 at 10:05 AM Michael Banck
    > <michael.banck@credativ.de> wrote:
    > >
    > > Hi,
    > >
    > > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada:
    > > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote:
    > > > > https://www.postgresql.org/docs/current/default-roles.html mentions the
    > > > > "Administrator" several times, but does not specify it further. I
    > > > > understand that it is mentioned elsewhere [1], but I think it would be
    > > > > beneficial to remind the reader on that page at least once that
    > > > > "Administrators" includes "roles with the CREATEROLE privilege" in the
    > > > > context of GRANTing and REVOKEing default privileges, e.g. with the
    > > > > attached patch.
    > > > >
    >
    > Took look at the wording and +1 from me on the proposed change. FWIW,
    > I believe the preceding sentence would be more grammatically correct
    > if the word "which" was replaced with "that", ie. PostgreSQL provides
    > a set of default roles /that/ provide access to certain, commonly
    > needed, privileged capabilities and information.
    
    Applied, including the suggested change from Robert.
    
    -- 
     Magnus Hagander
     Me: https://www.hagander.net/
     Work: https://www.redpill-linpro.com/
    
    
    
    
  6. Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

    Michael Banck <michael.banck@credativ.de> — 2021-03-06T22:08:44Z

    On Sat, Mar 06, 2021 at 06:12:50PM +0100, Magnus Hagander wrote:
    > On Tue, Feb 23, 2021 at 7:19 AM Robert Treat <rob@xzilla.net> wrote:
    > > On Thu, Dec 31, 2020 at 10:05 AM Michael Banck
    > > <michael.banck@credativ.de> wrote:
    > > > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada:
    > > > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote:
    > > > > > https://www.postgresql.org/docs/current/default-roles.html mentions the
    > > > > > "Administrator" several times, but does not specify it further. I
    > > > > > understand that it is mentioned elsewhere [1], but I think it would be
    > > > > > beneficial to remind the reader on that page at least once that
    > > > > > "Administrators" includes "roles with the CREATEROLE privilege" in the
    > > > > > context of GRANTing and REVOKEing default privileges, e.g. with the
    > > > > > attached patch.
    > >
    > > Took look at the wording and +1 from me on the proposed change. FWIW,
    > > I believe the preceding sentence would be more grammatically correct
    > > if the word "which" was replaced with "that", ie. PostgreSQL provides
    > > a set of default roles /that/ provide access to certain, commonly
    > > needed, privileged capabilities and information.
    > 
    > Applied, including the suggested change from Robert.
    
    Thanks!
    
    
    Michael
    
    -- 
    Michael Banck
    Projektleiter / Senior Berater
    Tel.: +49 2166 9901-171
    Fax:  +49 2166 9901-100
    Email: michael.banck@credativ.de
    
    credativ GmbH, HRB Mönchengladbach 12080
    USt-ID-Nummer: DE204566209
    Trompeterallee 108, 41189 Mönchengladbach
    Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer
    
    Unser Umgang mit personenbezogenen Daten unterliegt
    folgenden Bestimmungen: https://www.credativ.de/datenschutz