Casey Allen Shobe <cshobe@softhome.net> writes:
> Devrim GUNDUZ (Saturday 27 December 2003 10:45)
>> Hmm, that solved the problem, thanks.
>>
>> But I still could not understand why the lack of createuser permission
>> caused the error above...
> Because database users (and lots of other database information) is stored in
> the pg_catalog schema. When you create, alter, or drop a user, you are
> performing an insert, update, or delete on pg_catalog.pg_shadow.
This analysis is nonsense ... system catalog operations do not do the
same kinds of permission checks as user queries do. Furthermore, if
he'd not had permissions to create users, the initial CREATE USER
command would have failed, and so would CREATE DATABASE (since it would
then be specifying a nonexistent owner name).
My guess is that Devrim interpreted your suggestion as telling him to
make the created user (tdmsoftmailserveruser) a superuser, which would
naturally suppress any and all permissions failures for operations
executed by that user. That's hardly a reasonable answer to his problem
though. As to what his real problem is, I dunno, but I'd like to find
out.
regards, tom lane
