Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit1392042

Browse files
committed
Point out that --adduser actually makes the new user a superuser. This
was mentioned on the man page for the underlying CREATE USER command,but it should be explained here too.
1 parenta164407 commit1392042

File tree

1 file changed

+24
-12
lines changed

1 file changed

+24
-12
lines changed

‎doc/src/sgml/ref/createuser.sgml

Lines changed: 24 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/createuser.sgml,v 1.23 2002/01/20 22:19:56 petere Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/createuser.sgml,v 1.24 2002/02/1319:32:17 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -79,7 +79,7 @@ PostgreSQL documentation
7979
<term>-d, --createdb</term>
8080
<listitem>
8181
<para>
82-
Allows thenew user to create databases.
82+
Thenew user is allowed to create databases.
8383
</para>
8484
</listitem>
8585
</varlistentry>
@@ -88,7 +88,7 @@ PostgreSQL documentation
8888
<term>-D, --no-createdb</term>
8989
<listitem>
9090
<para>
91-
Forbids thenew user to create databases.
91+
Thenew user is not allowed to create databases.
9292
</para>
9393
</listitem>
9494
</varlistentry>
@@ -97,7 +97,9 @@ PostgreSQL documentation
9797
<term>-a, --adduser</term>
9898
<listitem>
9999
<para>
100-
Allows the new user to create other users.
100+
The new user is allowed to create other users.
101+
(Note: actually, this makes the new user a <firstterm>superuser</>.
102+
The option is poorly named.)
101103
</para>
102104
</listitem>
103105
</varlistentry>
@@ -106,7 +108,8 @@ PostgreSQL documentation
106108
<term>-A, --no-adduser</term>
107109
<listitem>
108110
<para>
109-
Forbids the new user to create other users.
111+
The new user is not allowed to create other users (i.e.,
112+
the new user is a regular user not a superuser).
110113
</para>
111114
</listitem>
112115
</varlistentry>
@@ -215,9 +218,17 @@ PostgreSQL documentation
215218
<para>
216219
<application>createuser</application> creates a
217220
new <productname>PostgreSQL</productname> user.
218-
Only users with <literal>usesuper</literal> set in
219-
the <literal>pg_shadow</literal> table can create
220-
new <productname>PostgreSQL</productname> users.
221+
Only superusers (users with <literal>usesuper</literal> set in
222+
the <literal>pg_shadow</literal> table) can create
223+
new <productname>PostgreSQL</productname> users,
224+
so <application>createuser</application> must be
225+
invoked by someone who is a <productname>PostgreSQL</productname>
226+
superuser.
227+
</para>
228+
229+
<para>
230+
Being a superuser also implies the ability to bypass access permission
231+
checks within the database, so superuser-dom should not be granted lightly.
221232
</para>
222233

223234
<para>
@@ -227,10 +238,11 @@ PostgreSQL documentation
227238
the <productname>PostgreSQL</productname> interactive terminal
228239
<xref linkend="APP-PSQL">. Thus, there is nothing
229240
special about creating users via this or other methods. This means
230-
that the <application>psql</application> must be found by the script and that
231-
a database server is running at the targeted host. Also, any default
232-
settings and environment variables available to <application>psql</application>
233-
and the <application>libpq</application> front-end library do apply.
241+
that the <application>psql</application> application must be found by the
242+
script and that
243+
a database server must be running at the targeted host. Also, any default
244+
settings and environment variables used by <application>psql</application>
245+
and the <application>libpq</application> front-end library will apply.
234246
</para>
235247

236248
</refsect1>

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp