Home > mailing lists

Error for GRANTED BY in PG16&PG17 that does not happen in PG15 - Mailing list pgsql-bugs

From	Floris Van Nee
Subject	Error for GRANTED BY in PG16&PG17 that does not happen in PG15
Date	February 12 13:56:01
Msg-id	bc5f945cbd27483f83a59880550722ce@Optiver.com Whole thread Raw
List	pgsql-bugs

Tree view

Hi, I observed some difference in behavior for granting roles.

Running as a superuser (postgres).

SQL:

create role test_group;

create role test_user;

create role test_su with superuser;

grant test_group to test_user granted by test_su;

Output on PG16 & PG17:

CREATE ROLE

ERROR: permission denied to grant privileges as role "test_su"

DETAIL: The grantor must have the ADMIN option on role "test_group".

The same succeeds on PG15.

This likely has to do with work that was done by Robert Haas on introducing this ADMIN option in PG16.

Surely doing “granted by some_superuser” should be allowed regardless of the ADMIN option though, right?

-Floris

pgsql-bugs by date:

From: Tender Wang
Date: 12 February, 12:48:53
Subject: Re: BUG #18806: When enable_rartitionwise_join is set to ON, the database shuts down abnormally

From: Fujii Masao
Date: 12 February, 14:19:27
Subject: reltuples decreasing with each autovacuum run

Error for GRANTED BY in PG16&PG17 that does not happen in PG15 - Mailing list pgsql-bugs

Previous

Next