| PostgreSQL 8.0.12 Documentation | ||||
|---|---|---|---|---|
| Prev | Fast Backward | Chapter 17. Database Users and Privileges | Fast Forward | Next |
A database user may have a number of attributes that define its privileges and interact with the client authentication system.
A database superuser bypasses all permission checks. Also, only a superuser can create new users. To create a database superuser, use CREATE USER name CREATEUSER.
A user must be explicitly given permission to create databases (except for superusers, since those bypass all permission checks). To create such a user, use CREATE USER name CREATEDB.
A password is only significant if the client authentication method requires the user to supply a password when connecting to the database. The password, md5, and crypt authentication methods make use of passwords. Database passwords are separate from operating system passwords. Specify a password upon user creation with CREATE USER name PASSWORD 'string'.
A user's attributes can be modified after creation with ALTER USER. See the reference pages for the CREATE USER and ALTER USER commands for details.
A user can also set personal defaults for many of the run-time configuration settings described in Section 16.4. For example, if for some reason you want to disable index scans (hint: not a good idea) anytime you connect, you can use
ALTER USER myname SET enable_indexscan TO off;
This will save the setting (but not set it immediately). In subsequent connections by this user it will appear as though SET enable_indexscan TO off; had been executed just before the session started. You can still alter this setting during the session; it will only be the default. To undo any such setting, use ALTER USER username RESET varname;.
No comments could be found for this page.
Please use this form to add your own comments regarding your experience with particular features of PostgreSQL, clarifications of the documentation, or hints for other users. Please note, this is not a support forum, and your IP address will be logged. If you have a question or need help, please see the faq, try a mailing list, or join us on IRC. Note that submissions containing URLs or other keywords commonly found in 'spam' comments may be silently discarded. Please contact the webmaster if you think this is happening to you in error.
In order to submit a comment, you must have a community account.
* denotes required field