Thread: ALTER DATABASE ... RENAME: permission denied for superuser

ALTER DATABASE ... RENAME: permission denied for superuser

From

"Alexander M. Pravking"

Date:

10 March 2005, 13:43:15

Docs say: Only the database owner or a superuser can rename a database;
non-superuser owners must also have the CREATEDB privilege.

Looks like a superuser must have CREATEDB too:

fduch@~=# SELECT usesuper, usecreatedb from pg_user where usename = 'fduch';
 usesuper | usecreatedb
----------+-------------
 t        | f
(1 row)

fduch@~=# CREATE DATABASE test owner stat;
CREATE DATABASE
fduch@~=# ALTER DATABASE test RENAME TO work;
ERROR:  permission denied to rename database
fduch@~=# ALTER DATABASE test OWNER TO fduch ;
ALTER DATABASE
fduch@~=# ALTER DATABASE test RENAME TO work;
ERROR:  permission denied to rename database

At last:
fduch@~=# ALTER USER fduch CREATEDB ;
ALTER USER
fduch@~=# ALTER DATABASE test RENAME TO work;
ALTER DATABASE
fduch@~=# ALTER DATABASE work OWNER TO stat;
ALTER DATABASE
fduch@~=# ALTER DATABASE work RENAME TO test;
ALTER DATABASE

PostgreSQL 8.0.1 on i386-portbld-freebsd5.3, compiled by GCC cc (GCC) 3.4.2 [FreeBSD] 20040728


--
Fduch M. Pravking

Re: ALTER DATABASE ... RENAME: permission denied for superuser

From

Tom Lane

Date:

10 March 2005, 18:15:56

"Alexander M. Pravking" <fduch@antar.bryansk.ru> writes:
> Docs say: Only the database owner or a superuser can rename a database;
> non-superuser owners must also have the CREATEDB privilege.

> Looks like a superuser must have CREATEDB too:

Yeah, the test in RenameDatabase is only looking at createdb and not at
superuserness.  Seems like a bug to me --- or does anyone want to argue
that the code behavior is correct and the docs are wrong?

            regards, tom lane

Re: ALTER DATABASE ... RENAME: permission denied for superuser

From

Bruce Momjian

Date:

13 March 2005, 00:32:17

Tom has fixed this bug and backpatched it back to 7.4.X.

---------------------------------------------------------------------------

Alexander M. Pravking wrote:
> Docs say: Only the database owner or a superuser can rename a database;
> non-superuser owners must also have the CREATEDB privilege.
>
> Looks like a superuser must have CREATEDB too:
>
> fduch@~=# SELECT usesuper, usecreatedb from pg_user where usename = 'fduch';
>  usesuper | usecreatedb
> ----------+-------------
>  t        | f
> (1 row)
>
> fduch@~=# CREATE DATABASE test owner stat;
> CREATE DATABASE
> fduch@~=# ALTER DATABASE test RENAME TO work;
> ERROR:  permission denied to rename database
> fduch@~=# ALTER DATABASE test OWNER TO fduch ;
> ALTER DATABASE
> fduch@~=# ALTER DATABASE test RENAME TO work;
> ERROR:  permission denied to rename database
>
> At last:
> fduch@~=# ALTER USER fduch CREATEDB ;
> ALTER USER
> fduch@~=# ALTER DATABASE test RENAME TO work;
> ALTER DATABASE
> fduch@~=# ALTER DATABASE work OWNER TO stat;
> ALTER DATABASE
> fduch@~=# ALTER DATABASE work RENAME TO test;
> ALTER DATABASE
>
> PostgreSQL 8.0.1 on i386-portbld-freebsd5.3, compiled by GCC cc (GCC) 3.4.2 [FreeBSD] 20040728
>
>
> --
> Fduch M. Pravking
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
>

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073