Thread: Privileges needed by pg_autovacuum?

I've password protected the 'postgres' account (to enable secure remote
access) and I don't want to store the password on the local file system.
I therefore want to create a separate account for use by pg_autovacuum
(locked down in pg_hba.conf and perhaps with a password).  What are the
minimum set of privileges needed by pg_autovacuum?  I've searched
extensively & can't find an answer.

--
Peter Fein                 pfein@pobox.com                 773-575-0694

Basically, if you're not a utopianist, you're a schmuck. -J. Feldman

Peter Fein wrote:
> I've password protected the 'postgres' account (to enable secure remote
> access) and I don't want to store the password on the local file system.
> I therefore want to create a separate account for use by pg_autovacuum
> (locked down in pg_hba.conf and perhaps with a password).  What are the
> minimum set of privileges needed by pg_autovacuum?  I've searched
> extensively & can't find an answer.
>

Well, I created a user, connected & ran VACUUM and was greeted with the
following message:

WARNING:  skipping "sql_packages" --- only table or database owner can
vacuum it

and many similar.  Guess that answers my question. ;(  I suppose I could
change ownership of all my databases to the pg_autovacuum account and
then restrict privileges, but this seems like a pain (and if someone
logged in as that users, they could alter the privileges anyway, if my
understanding of GRANT is correct).

I suppose this issue will go away when autovacuum is integrated into the
server itself in 8.1?

--
Peter Fein                 pfein@pobox.com                 773-575-0694

Basically, if you're not a utopianist, you're a schmuck. -J. Feldman

On Sat, Jul 23, 2005 at 06:43:20PM -0500, Peter Fein wrote:

> I suppose this issue will go away when autovacuum is integrated into the
> server itself in 8.1?

Yes, it already did.

--
Alvaro Herrera (<alvherre[a]alvh.no-ip.org>)
"Hoy es el primer día del resto de mi vida"