comparison: setup/postgres/psql_create_database.sql
setup/postgres/psql_create_database.sql
- changeset 5
- 131903fc16b8
- parent 2
- fcb452578142
- child 16
- 4e0998805276
equal
deleted
inserted
replaced
| 4:a89240b61819 | 5:131903fc16b8 |
|---|---|
| 1 -- Create a database owner role, which has no login permissions. | |
| 2 -- You can either: | |
| 3 -- 1) login as default user and switch the user | |
| 4 -- 2) decide to override this decision and give login permissions | |
| 5 -- 3) use your superuser of choice to manage the database (not recommended!) | |
| 6 create role lightpit_dbo with password 'lpit_dbo_changeme'; | |
| 7 | |
| 8 -- Create the actual (unprivileged) database user | |
| 9 create user lightpit_user with password 'lpit_user_changeme'; | |
| 10 | |
| 11 -- Create the LightPIT schema | |
| 12 create schema lightpit authorization lightpit_dbo; | |
| 13 grant usage on schema lightpit to lightpit_user; | |
| 14 | |
| 15 -- Grant basic privileges to user (the granting user must be the dbo) | |
| 16 alter default privileges for role lightpit_dbo in schema lightpit | |
| 17 grant select, insert, update, delete on tables to lightpit_user; | |
| 18 alter default privileges for role lightpit_dbo in schema lightpit | |
| 19 grant usage, select on sequences to lightpit_user; | |
| 20 alter default privileges for role lightpit_dbo in schema lightpit | |
| 21 grant execute on functions to lightpit_user; | |
| 22 alter default privileges for role lightpit_dbo in schema lightpit | |
| 23 grant usage on types to lightpit_user; | |
| 24 | |
| 25 -- restrict the search path to the lightpit schema | |
| 26 alter role lightpit_dbo set search_path to lightpit; | |
| 27 alter role lightpit_user set search_path to lightpit; |
