非互換
ADMIN OPTIONが指定されたロールであれば、ALTER GROUP ... ADD USERコマンドの実行の際にCREATEROLE権限が不要になります。
postgres=# CREATE ROLE role_1 LOGIN; CREATE ROLE postgres=# CREATE ROLE role_2 LOGIN; CREATE ROLE postgres=# CREATE ROLE grp; CREATE ROLE postgres=# GRANT grp TO role_1 WITH ADMIN OPTION; GRANT ROLE postgres=# \c postgres role_1 You are now connected to database "postgres" as user "role_1". postgres=> ALTER GROUP grp ADD USER role_2; ERROR: permission denied STATEMENT: ALTER GROUP grp ADD USER role_2;
postgres=# CREATE ROLE role_1 LOGIN; CREATE ROLE postgres=# CREATE ROLE role_2 LOGIN; CREATE ROLE postgres=# CREATE ROLE postgres=# GRANT grp TO role_1 WITH ADMIN OPTION; GRANT ROLE postgres=# \c postgres role_1 You are now connected to database "postgres" as user "role_1". postgres=> ALTER GROUP grp ADD USER role_2; ALTER ROLE
対処方法
ありません。
