1+ <REFENTRY ID="SQL-CREATEUSER-1">
2+ <REFMETA>
3+ <REFENTRYTITLE>
4+ CREATE USER
5+ </REFENTRYTITLE>
6+ <REFMISCINFO>SQL - Language Statements</REFMISCINFO>
7+ </REFMETA>
8+ <REFNAMEDIV>
9+ <REFNAME>
10+ CREATE USER
11+ </REFNAME>
12+ <REFPURPOSE>
13+ Creates account information for a new user
14+ </REFPURPOSE>
15+ <REFSYNOPSISDIV>
16+ <REFSYNOPSISDIVINFO>
17+ <DATE>1998-04-15</DATE>
18+ </REFSYNOPSISDIVINFO>
19+ <SYNOPSIS>
20+
21+ CREATE USER<REPLACEABLE CLASS="PARAMETER"> username</REPLACEABLE>
22+ [WITH PASSWORD <REPLACEABLE CLASS="PARAMETER">password</REPLACEABLE>]
23+ [CREATEDB | NOCREATEDB]
24+ [CREATEUSER | NOCREATEUSER]
25+ [IN GROUP <REPLACEABLE CLASS="PARAMETER">groupname</REPLACEABLE> [, ...] ]
26+ [VALID UNTIL '<REPLACEABLE CLASS="PARAMETER">abstime</REPLACEABLE>']
27+
28+
29+ </SYNOPSIS>
30+
31+ <REFSECT2 ID="R2-SQL-CREATEUSER-1">
32+ <REFSECT2INFO>
33+ <DATE>1998-04-15</DATE>
34+ </REFSECT2INFO>
35+ <TITLE>
36+ Inputs
37+ </TITLE>
38+ <PARA>
39+ </PARA>
40+ <VARIABLELIST>
41+ <VARLISTENTRY>
42+ <TERM>
43+ </TERM>
44+ <LISTITEM>
45+ <PARA>
46+ <VARIABLELIST>
47+ <VARLISTENTRY>
48+ <TERM>
49+ <ReturnValue><replaceable class="parameter">username</replaceable></ReturnValue>
50+ </TERM>
51+ <LISTITEM>
52+ <PARA>
53+ The name of the user.
54+ </PARA>
55+ </LISTITEM>
56+ </VARLISTENTRY>
57+ <VARLISTENTRY>
58+ <TERM>
59+ <ReturnValue><replaceable class="parameter">password</replaceable></ReturnValue>
60+ </TERM>
61+ <LISTITEM>
62+ <PARA>
63+ The WITH PASSWORD clause sets the user's password within
64+ the "<filename>pg_shadow</filename>" table. For this reason,
65+ <filename>"pg_shadow</filename>" is no
66+ longer accessible to the instance of PostgreSQL that the
67+ PostgreSQL user's password is initially set to NULL.
68+ <comment>The text here has got garbled.</comment>
69+ When a
70+ user's password in the "<filename>pg_shadow</filename>"
71+ table is NULL, user
72+ authentication proceeds as it historically has (HBA,
73+ PG_PASSWORD, etc). However, if a password is set for a
74+ user, a new authentication system supplants any other
75+ configured for the PostgreSQL instance, and the password
76+ stored in the "<filename>pg_shadow</filename>" table is used
77+ for authentication.
78+ For more details on how this authentication system
79+ functions see pg_crypt(3). If the WITH PASSWORD clause is
80+ omitted, the user's password is set to the empty
81+ string with equates to a NULL value in the authentication
82+ system mentioned above.
83+ </PARA>
84+ </LISTITEM>
85+ </VARLISTENTRY>
86+ <VARLISTENTRY>
87+ <TERM>
88+ <ReturnValue> CREATEDB/NOCREATEDB</ReturnValue>
89+ </TERM>
90+ <LISTITEM>
91+ <PARA>
92+ These clauses define a user's ability to create databases.
93+ If CREATEDB is specified, the user being defined will
94+ be allowed to create his own databases. Using NOCREATEDB
95+ will deny a user the ability to create databases. If this
96+ clause is omitted, NOCREATEDB is used by default.
97+ </PARA>
98+ </LISTITEM>
99+ </VARLISTENTRY>
100+ <VARLISTENTRY>
101+ <TERM>
102+ <ReturnValue>CREATEUSER/NOCREATEUSER</ReturnValue>
103+ </TERM>
104+ <LISTITEM>
105+ <PARA>
106+ These clauses determine whether a user will be permitted to
107+ create new
108+ users in an instance of PostgreSQL.
109+ Omitting this clause will set the user's value of this
110+ attribute to be NOCREATEUSER.
111+ </PARA>
112+ </LISTITEM>
113+ </VARLISTENTRY>
114+ <VARLISTENTRY>
115+ <TERM>
116+ <ReturnValue><replaceable class="parameter">groupname</replaceable></ReturnValue>
117+ </TERM>
118+ <LISTITEM>
119+ <PARA>
120+ A name of a group into which to insert the user as a new member.
121+ </PARA>
122+ </LISTITEM>
123+ </VARLISTENTRY>
124+ <VARLISTENTRY>
125+ <TERM>
126+ <ReturnValue><replaceable class="parameter">abstime</replaceable></ReturnValue>
127+ </TERM>
128+ <LISTITEM>
129+ <PARA>
130+ The VALID UNTIL clause sets an absolute time after which the
131+ user's PostgreSQL login is no longer valid. Please note that
132+ if a user does not have a password defined in the
133+ "<filename>pg_shadow</filename>"
134+ table, the valid until date will not be checked
135+ during user authentication. If this clause is omitted,
136+ a NULL value is stored in "<filename>pg_shadow</filename>"
137+ for this attribute,
138+ and the login will be valid for all time.
139+ </PARA>
140+ </LISTITEM>
141+ </VARLISTENTRY>
142+ </variablelist>
143+ </LISTITEM>
144+ </VARLISTENTRY>
145+ </VARIABLELIST>
146+ </REFSECT2>
147+
148+ <REFSECT2 ID="R2-SQL-CREATEUSER-2">
149+ <REFSECT2INFO>
150+ <DATE>1998-04-15</DATE>
151+ </REFSECT2INFO>
152+ <TITLE>
153+ Outputs
154+ </TITLE>
155+ <PARA>
156+ </PARA>
157+ <VARIABLELIST>
158+ <VARLISTENTRY>
159+ <TERM>
160+ </TERM>
161+ <LISTITEM>
162+ <PARA>
163+ <VARIABLELIST>
164+ <VARLISTENTRY>
165+ <TERM>
166+ <ReturnValue>CREATE USER</ReturnValue>
167+ </TERM>
168+ <LISTITEM>
169+ <PARA>
170+ Message returned if the command completes successfully.
171+ </PARA>
172+ </LISTITEM>
173+ </VARLISTENTRY>
174+ <VARLISTENTRY>
175+ <TERM>
176+ <ReturnValue>ERROR: removeUser: user "<replaceable class="parameter">username</replaceable>" does not exist</ReturnValue>
177+ </TERM>
178+ <LISTITEM>
179+ <PARA>
180+ if "<replaceable class="parameter">username</replaceable>" not found.
181+ </PARA>
182+ <comment>I don't understand this and I don't know how to get
183+ this error message.</comment>
184+ </LISTITEM>
185+ </VARLISTENTRY>
186+ </variablelist>
187+ </LISTITEM>
188+ </VARLISTENTRY>
189+ </VARIABLELIST>
190+ </REFSECT2>
191+ </REFSYNOPSISDIV>
192+
193+ <REFSECT1 ID="R1-SQL-CREATEUSER-1">
194+ <REFSECT1INFO>
195+ <DATE>1998-04-15</DATE>
196+ </REFSECT1INFO>
197+ <TITLE>
198+ Description
199+ </TITLE>
200+ <PARA>
201+ CREATE USER will add a new user to an instance of PostgreSQL.
202+ </PARA>
203+ <PARA>
204+ The new user will be given a <filename>usesysid</filename> of:
205+ '<command>SELECT MAX(usesysid) + 1 FROM pg_shadow</command>'.
206+ This means that
207+ PostgreSQL users' <filename>usesysid</filename>s will not
208+ correspond to their operating
209+ system(OS) user ids. The exception to this rule is
210+ the '<literal>postgres</literal>' user, whose OS user id
211+ is used as the
212+ <filename>usesysid</filename> during the initdb process.
213+ If you still want the
214+ OS user id and the <filename>usesysid</filename> to match
215+ for any given user,
216+ use the "createuser" script provided with the PostgreSQL
217+ distribution.
218+ </PARA>
219+
220+ <REFSECT2 ID="R2-SQL-CREATEUSER-3">
221+ <REFSECT2INFO>
222+ <DATE>1998-04-15</DATE>
223+ </REFSECT2INFO>
224+ <TITLE>
225+ Notes
226+ </TITLE>
227+ <PARA>
228+ CREATE USER statement is a PostgreSQL language extension.
229+ </PARA>
230+ <para>
231+ Use DROP USER or ALTER USER statements to remove or modify a user
232+ account.</para>
233+ <para>
234+ Refer to the <filename>pg_shadow</filename> table for further information.
235+ </para>
236+ <programlisting>
237+ Table = pg_shadow
238+ +--------------------------+--------------------------+-------+
239+ | Field | Type | Length|
240+ +--------------------------+--------------------------+-------+
241+ | usename | name | 32 |
242+ | usesysid | int4 | 4 |
243+ | usecreatedb | bool | 1 |
244+ | usetrace | bool | 1 |
245+ | usesuper | bool | 1 |
246+ | usecatupd | bool | 1 |
247+ | passwd | text | var |
248+ | valuntil | abstime | 4 |
249+ +--------------------------+--------------------------+-------+
250+ </programlisting>
251+ </REFSECT2>
252+
253+ <REFSECT1 ID="R1-SQL-CREATEUSER-2">
254+ <TITLE>
255+ Usage
256+ </TITLE>
257+ <PARA>
258+ Create a user with no password:
259+ </PARA>
260+ <ProgramListing>
261+ CREATE USER jonathan
262+ </ProgramListing>
263+ <PARA>
264+ Create a user with a password:
265+ </PARA>
266+ <ProgramListing>
267+ CREATE USER davide WITH PASSWORD jw8s0F4
268+ </ProgramListing>
269+ <para>
270+ Create a user with a password, whose account is valid until the end of 2001.
271+ Note that after one second has ticked in 2002, the account is not
272+ valid:
273+ </para>
274+ <ProgramListing>
275+ CREATE USER miriam WITH PASSWORD jw8s0F4 VALID UNTIL 'Jan 1 2002'
276+ </ProgramListing>
277+ <para>
278+ Create an account where the user can create databases:
279+ </para>
280+ <ProgramListing>
281+ CREATE USER manuel WITH PASSWORD jw8s0F4 CREATEDB
282+ </ProgramListing>
283+
284+ </REFSECT1>
285+
286+ <REFSECT1 ID="R1-SQL-CREATEUSER-3">
287+ <TITLE>
288+ Compatibility
289+ </TITLE>
290+ <PARA>
291+ </PARA>
292+
293+ <REFSECT2 ID="R2-SQL-CREATEUSER-4">
294+ <REFSECT2INFO>
295+ <DATE>1998-04-15</DATE>
296+ </REFSECT2INFO>
297+ <TITLE>
298+ SQL92
299+ </TITLE>
300+ <PARA>
301+ There is no CREATE USER statement in SQL92.
302+ </PARA>
303+ </REFENTRY>
304+
305+
306+ <!-- Keep this comment at the end of the file
307+ Local variables:
308+ mode: sgml
309+ sgml-omittag:t
310+ sgml-shorttag:t
311+ sgml-minimize-attributes:nil
312+ sgml-always-quote-attributes:t
313+ sgml-indent-step:1
314+ sgml-indent-data:t
315+ sgml-parent-document:nil
316+ sgml-default-dtd-file:"../reference.ced"
317+ sgml-exposed-tags:nil
318+ sgml-local-catalogs:"/usr/lib/sgml/catalog"
319+ sgml-local-ecat-files:nil
320+ End:
321+ -->
