Re: Permission Denied to Regular Read/Write User to Create New Partitioned Table
| От | Laurenz Albe |
|---|---|
| Тема | Re: Permission Denied to Regular Read/Write User to Create New Partitioned Table |
| Дата | |
| Msg-id | 092337ddb6c1320edd7ab512bac807f5c0ea259b.camel@cybertec.at обсуждение исходный текст |
| Ответ на | Permission Denied to Regular Read/Write User to Create New Partitioned Table ("Hilbert, Karin" <ioh1@psu.edu>) |
| Ответы |
Re: Permission Denied to Regular Read/Write User to Create New Partitioned Table
|
| Список | pgsql-novice |
On Thu, 2020-11-05 at 14:25 +0000, Hilbert, Karin wrote: > We normally create our databases & objects with a DB Owner account & the application > connects with a regular user account that has read/write permissions. > For GITLAB, the application updates the database as required during the application upgrade. > We allow the application to connect as the DB Owner account only during those times & > switch back to the regular account when the upgrade is done. > > However, with the latest application upgrade, GITLAB is now using partitioned tables. > When the table reaches a certain size, the application tries to create a new partitioned > table, which errors out for the regular user account: > > 2020-11-03 18:21:31 EST [56435]: [88-1] db=xxxxxx,user=xxxxxx ERROR: permission denied for schema gitlab_partitions_dynamicat character 28 > 2020-11-03 18:21:31 EST [56435]: [89-1] db=xxxxxx,user=xxxxxx STATEMENT: CREATE TABLE IF NOT EXISTS "gitlab_partitions_dynamic"."audit_events_part_5fc467ac26_202105" > > I tried to solve the error by granting the regular user acct "usage, create" on the schema: Yes, granting CREATE on the schema is the proper remedy for that error. > psql -d xxxxxx -U xxxxxxxxxx -c "grant usage, create on schema gitlab_partitions_dynamic to xxxxxx;" > > Now we're getting a "must be owner" error: > > 2020-11-04 12:21:17 EST [28013]: [420-1] db=xxxxxx,user=xxxxxx ERROR: must be owner of table audit_events_part_5fc467ac26 > 2020-11-04 12:21:17 EST [28013]: [421-1] db=xxxxxx,user=xxxxxx STATEMENT: CREATE TABLE IF NOT EXISTS "gitlab_partitions_dynamic"."audit_events_part_5fc467ac26_202105" Seems that the user is trying to create a partition for a table that it doesn't own. You must be the owner of a table to create a new partition for it. If that happens during regular operation, your only choice will be to make the application user the owner of the partitioned table (or a member of the owner). I guess you cannot modify the application code, right? Yours, Laurenz Albe -- Cybertec | https://www.cybertec-postgresql.com
В списке pgsql-novice по дате отправления: