11<!--
2- $PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.16 2010/04/03 07:22:57 petere Exp $
2+ $PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.17 2010/04/21 20:54:19 tgl Exp $
33PostgreSQL documentation
44-->
55
@@ -24,7 +24,7 @@ PostgreSQL documentation
2424ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ [ WITH ] <replaceable class="PARAMETER">option</replaceable> [ ... ] ]
2525
2626<phrase>where <replaceable class="PARAMETER">option</replaceable> can be:</phrase>
27-
27+
2828 SUPERUSER | NOSUPERUSER
2929 | CREATEDB | NOCREATEDB
3030 | CREATEROLE | NOCREATEROLE
@@ -33,7 +33,7 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ [ WITH ] <replace
3333 | LOGIN | NOLOGIN
3434 | CONNECTION LIMIT <replaceable class="PARAMETER">connlimit</replaceable>
3535 | [ ENCRYPTED | UNENCRYPTED ] PASSWORD '<replaceable class="PARAMETER">password</replaceable>'
36- | VALID UNTIL '<replaceable class="PARAMETER">timestamp</replaceable>'
36+ | VALID UNTIL '<replaceable class="PARAMETER">timestamp</replaceable>'
3737
3838ALTER ROLE <replaceable class="PARAMETER">name</replaceable> RENAME TO <replaceable>new_name</replaceable>
3939
@@ -54,7 +54,7 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ IN DATABASE <repl
5454
5555 <para>
5656 The first variant of this command listed in the synopsis can change
57- many of the role attributes that can be specified in
57+ many of the role attributes that can be specified in
5858 <xref linkend="sql-createrole">.
5959 (All the possible attributes are covered,
6060 except that there are no options for adding or removing memberships; use
@@ -79,20 +79,24 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ IN DATABASE <repl
7979 password is <literal>MD5</>-encrypted.
8080 </para>
8181
82- <para>
83- The remaining variants change a role's session default for a configuration variable
84- for all databases or, when the <literal>IN DATABASE</literal> clause is specified,
85- for the named database. Whenever the role subsequently
82+ <para>
83+ The remaining variants change a role's session default for a configuration
84+ variable, either for all databases or, when the <literal>IN
85+ DATABASE</literal> clause is specified, only for sessions in
86+ the named database. Whenever the role subsequently
8687 starts a new session, the specified value becomes the session
8788 default, overriding whatever setting is present in
8889 <filename>postgresql.conf</> or has been received from the postgres
89- command line. This only happens at login time, so configuration
90- settings associated with a role to which you've <xref
91- linkend="sql-set-role"> will be ignored. Settings set to
92- a role directly are overridden by any database specific settings attached to a role.
90+ command line. This only happens at login time; executing
91+ <xref linkend="sql-set-role"> or
92+ <xref linkend="sql-set-session-authorization"> does not cause new
93+ configuration values to be set.
94+ Settings set for all databases are overridden by database-specific settings
95+ attached to a role.
9396 Superusers can change anyone's session defaults. Roles having
9497 <literal>CREATEROLE</> privilege can change defaults for non-superuser
95- roles. Certain variables cannot be set this way, or can only be
98+ roles. Ordinary roles can only set defaults for themselves.
99+ Certain configuration variables cannot be set this way, or can only be
96100 set if a superuser issues the command.
97101 </para>
98102 </refsect1>
@@ -169,14 +173,15 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ IN DATABASE <repl
169173 <literal>RESET ALL</literal> to clear all role-specific settings.
170174 <literal>SET FROM CURRENT</> saves the session's current value of
171175 the parameter as the role-specific value.
172- Ifused in conjunction with <literal>IN DATABASE</literal>, the configuration
176+ If <literal>IN DATABASE</literal> is specified , the configuration
173177 parameter is set or removed for the given role and database only.
174178 </para>
175179
176180 <para>
177- Role-specific variable setting take effect only at login;
178- <xref linkend="sql-set-role">
179- does not process role-specific variable settings.
181+ Role-specific variable settings take effect only at login;
182+ <xref linkend="sql-set-role"> and
183+ <xref linkend="sql-set-session-authorization">
184+ do not process role-specific variable settings.
180185 </para>
181186
182187 <para>
@@ -210,8 +215,8 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> [ IN DATABASE <repl
210215 in cleartext, and it might also be logged in the client's command
211216 history or the server log. <xref linkend="app-psql">
212217 contains a command
213- <command>\password</command> that can be used tosafely change a
214- role's password.
218+ <command>\password</command> that can be used to change a
219+ role's password without exposing the cleartext password .
215220 </para>
216221
217222 <para>
@@ -276,8 +281,8 @@ ALTER ROLE worker_bee SET maintenance_work_mem = 100000;
276281 </para>
277282
278283 <para>
279-
280- <xref linkend="guc-client-min-messages"> parameter:
284+ Give a role a non-default, database-specific setting of the
285+
281286
282287<programlisting>
283288ALTER ROLE fred IN DATABASE devel SET client_min_messages = DEBUG;
@@ -287,7 +292,7 @@ ALTER ROLE fred IN DATABASE devel SET client_min_messages = DEBUG;
287292
288293 <refsect1>
289294 <title>Compatibility</title>
290-
295+
291296 <para>
292297 The <command>ALTER ROLE</command> statement is a
293298 <productname>PostgreSQL</productname> extension.