Hi chaps,
Apologies in advance if there's something in the docs I've missed here, but I have had a good look around and I can't
finda good explanation anywhere.
I'm looking at setting up group roles to manage our users, but I can't quite get my head around how the inheritance is
supposedto work, I'm hoping I've just totally overlooked something here.
I created a group 'admins' as follows:
CREATE ROLE admins NOSUPERUSER NOINHERIT CREATEDB CREATEROLE;
Then I create a user in this group:
CREATE USER test WITH PASSWORD 'passw' IN GROUP admins;
So I can see in pgAdmin for my test user:
CREATE ROLE test LOGIN
ENCRYPTED PASSWORD 'md5b140e5c3c4fb663063316e011e54ec3d'
NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE;
GRANT admins TO test;
This test user can't create databases, nor can it create roles. I get "permission denied to create role"
I thought that if user 'test' was in group 'admins' and I specified INHERIT then it'd inherit those permissions?
I'm confused??
Thanks
Glyn
__________________________________________________________
Sent from Yahoo! Mail.
A Smarter Inbox http://uk.docs.yahoo.com/nowyoucan.html
