ALTER DEFAULT PRIVILEGES FOR ROLE suser GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
again?
After that:
24629;0;"S";"{}"
24629;0;"T";"{}"
24629;0;"r";"{}"
24629;0;"f";"{=X/suser}"
ALTER DEFAULT PRIVILEGES FOR ROLE suser revoke EXECUTE ON FUNCTIONS from PUBLIC;
24629;0;"S";"{}"
24629;0;"T";"{}"
24629;0;"r";"{}"
24629;0;"f";"{}"
PGSQL 9.4, 9.6 on Debian (diff. servers).
The source of the problem would be complicated.
The suser is not superuser, but all db owner was member of him.
The databases sometimes created from template0, sometimes copied from prev. basic database (create database from another database), or from backup/restore.
We created suser to see every data in database. But objects are created by him denied from db owner.
Because of that we added default privileges (suser -> db owner).
The time passed away and many things changes. So we want to remove def. privileges, but these orphan records remain here. I removed the actual DB owner from suser's member list, but it have no effect.
I will try to make backup/restore on an example db to see what happen. I will try to recreate this strange thing in my test server.
