Home > mailing lists

Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role? - Mailing list pgsql-admin

From	Laurenz Albe
Subject	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?
Date	July 8 15:53:03
Msg-id	bacddcb84956a662cd3de97ce4fe32d705083dc7.camel@cybertec.at Whole thread Raw
In response to	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role? (Scott Ribe <scott_ribe@elevated-dev.com>)
Responses	Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?
List	pgsql-admin

Tree view

On Tue, 2025-07-08 at 06:16 -0600, Scott Ribe wrote:
> I don't have an answer for you, just a question out of curiosity. Is this a prelude
> to dropping the role? Thus, if it existed, DROP ROLE ... CASCADE would have worked
> for your use case?

If dropping the role is the reason why the privileges should go, the canonical
procedure is:

- connect to each database in the cluster in turn; in each:
  - REASSIGN OWNED BY role_to_drop ...
    to transfer ownership
  - DROP OWNED BY role_to_drop
    to remove owned objects *and privileges*
- DROP ROLE role_to_drop

Yours,
Laurenz Albe

pgsql-admin by date:

From: Scott Ribe
Date: 08 July, 15:35:00
Subject: Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?

From: Ron Johnson
Date: 08 July, 15:59:50
Subject: Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role?

Re: REVOKE ALL ON ALL OBJECTS IN ALL SCHEMAS FROM some_role? - Mailing list pgsql-admin

Previous

Next