Sam Gendler wrote: > psql 9.6.3 on OS X. > > I'm dealing with a production database in which all db access has been made > by the same user - the db owner, which isn't actually a superuser because > the db runs on amazon RDS - amazon retains the superuser privilege for its > own users and makes non-superuser role with createrole and createdb > privileges for use as the primary role by the AWS account.
It's true that REASSIGN OWNED is limited to a very particular scenario. It was written to support the specific case of wanting to drop a role, and that can only be done by a superuser, so why would it matter that REASSIGN OWNED itself could not be run by a superuser?
You could at least fix the documentation bug since this superuser-only restriction doesn't show up and is in fact contradicted by the sentence "REASSIGN OWNED requires privileges on both the source role(s) and the target role." The error message that comes back seems like it could be improved as well.
The word "privileges" there seems odd too, wouldn't "membership" be more appropriate?
