diff --git a/doc/src/sgml/ref/createuser.sgml b/doc/src/sgml/ref/createuser.sgml
index a2efe9d7897b42132da98ce7c7ac88bfe1b5a3fe..3656349f5e3604ffa7c448f5b78c69c333eb208e 100644
--- a/doc/src/sgml/ref/createuser.sgml
+++ b/doc/src/sgml/ref/createuser.sgml
@@ -1,5 +1,5 @@
<!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/createuser.sgml,v 1.41 2005/05/29 03:32:18 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/createuser.sgml,v 1.42 2005/08/14 20:16:02 tgl Exp $
PostgreSQL documentation
-->
@@ -32,24 +32,24 @@ PostgreSQL documentation
<title>Description</title>
<para>
<application>createuser</application> creates a
- new <productname>PostgreSQL</productname> user.
- Only superusers (users with <literal>usesuper</literal> set in
- the <literal>pg_shadow</literal> table) can create
- new <productname>PostgreSQL</productname> users,
- so <application>createuser</application> must be
- invoked by someone who can connect as a <productname>PostgreSQL</productname>
- superuser.
+ new <productname>PostgreSQL</productname> user (or more precisely, a role).
+ Only superusers and users with <literal>CREATEROLE</> privilege can create
+ new users, so <application>createuser</application> must be
+ invoked by someone who can connect as a superuser or a user with
+ <literal>CREATEROLE</> privilege.
</para>
<para>
- Being a superuser also implies the ability to bypass access permission
+ If you wish to create a new superuser, you must connect as a
+ superuser, not merely with <literal>CREATEROLE</> privilege.
+ Being a superuser implies the ability to bypass all access permission
checks within the database, so superuserdom should not be granted lightly.
</para>
<para>
<application>createuser</application> is a wrapper around the
- <acronym>SQL</acronym> command <xref linkend="SQL-CREATEUSER"
- endterm="SQL-CREATEUSER-title">.
+ <acronym>SQL</acronym> command <xref linkend="SQL-CREATEROLE"
+ endterm="SQL-CREATEROLE-title">.
There is no effective difference between creating users via
this utility and via other methods for accessing the server.
</para>
@@ -70,32 +70,28 @@ PostgreSQL documentation
<para>
Specifies the name of the <productname>PostgreSQL</productname> user
to be created.
- This name must be unique among all users of this
+ This name must be different from all existing roles in this
<productname>PostgreSQL</productname> installation.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-a</></term>
- <term><option>--adduser</></term>
+ <term><option>-s</></term>
+ <term><option>--superuser</></term>
<listitem>
<para>
- The new user is allowed to create other users.
- (Note: Actually, this makes the new user a <emphasis>superuser</>.
- The option is poorly named.)
+ The new user will be a superuser.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-A</></term>
- <term><option>--no-adduser</></term>
+ <term><option>-S</></term>
+ <term><option>--no-superuser</></term>
<listitem>
<para>
- The new user is not allowed to create other users (i.e.,
- the new user is a regular user, not a superuser).
- This is the default.
+ The new user will not be a superuser.
</para>
</listitem>
</varlistentry>
@@ -105,7 +101,7 @@ PostgreSQL documentation
<term><option>--createdb</></term>
<listitem>
<para>
- The new user is allowed to create databases.
+ The new user will be allowed to create databases.
</para>
</listitem>
</varlistentry>
@@ -115,52 +111,86 @@ PostgreSQL documentation
<term><option>--no-createdb</></term>
<listitem>
<para>
- The new user is not allowed to create databases.
- This is the default.
+ The new user will not be allowed to create databases.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-e</></term>
- <term><option>--echo</></term>
+ <term><option>-r</></term>
+ <term><option>--createrole</></term>
<listitem>
<para>
- Echo the commands that <application>createuser</application> generates
- and sends to the server.
+ The new user will be allowed to create new roles (that is,
+ this user will have <literal>CREATEROLE</> privilege).
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-E</></term>
- <term><option>--encrypted</></term>
+ <term><option>-R</></term>
+ <term><option>--no-createrole</></term>
<listitem>
<para>
- Encrypts the user's password stored in the database. If not
- specified, the default password behavior is used.
+ The new user will not be allowed to create new roles.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-i <replaceable class="parameter">number</replaceable></></term>
- <term><option>--sysid <replaceable class="parameter">number</replaceable></></term>
+ <term><option>-l</></term>
+ <term><option>--login</></term>
<listitem>
<para>
- Allows you to pick a non-default user ID for the new user. This is not
- necessary, but some people like it.
+ The new user will be allowed to log in (that is, the user name
+ can be used as the initial session user identifier).
+ This is the default.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>-N</></term>
- <term><option>--unencrypted</></term>
+ <term><option>-L</></term>
+ <term><option>--no-login</></term>
<listitem>
<para>
- Does not encrypt the user's password stored in the database. If
- not specified, the default password behavior is used.
+ The new user will not be allowed to log in.
+ (A role without login privilege is still useful as a means of
+ managing database permissions.)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-i</></term>
+ <term><option>--inherit</></term>
+ <listitem>
+ <para>
+ The new role will automatically inherit privileges of roles
+ it is a member of.
+ This is the default.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-I</></term>
+ <term><option>--no-inherit</></term>
+ <listitem>
+ <para>
+ The new role will not automatically inherit privileges of roles
+ it is a member of.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-c <replaceable class="parameter">number</replaceable></></term>
+ <term><option>--conn-limit <replaceable class="parameter">number</replaceable></></term>
+ <listitem>
+ <para>
+ Set a maximum number of connections for the new user.
+ The default is to set no limit.
</para>
</listitem>
</varlistentry>
@@ -177,6 +207,39 @@ PostgreSQL documentation
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>-E</></term>
+ <term><option>--encrypted</></term>
+ <listitem>
+ <para>
+ Encrypts the user's password stored in the database. If not
+ specified, the default password behavior is used.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-N</></term>
+ <term><option>--unencrypted</></term>
+ <listitem>
+ <para>
+ Does not encrypt the user's password stored in the database. If
+ not specified, the default password behavior is used.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-e</></term>
+ <term><option>--echo</></term>
+ <listitem>
+ <para>
+ Echo the commands that <application>createuser</application> generates
+ and sends to the server.
+ </para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>-q</></term>
<term><option>--quiet</></term>
@@ -204,10 +267,10 @@ PostgreSQL documentation
<term><option>--host <replaceable class="parameter">host</replaceable></></term>
<listitem>
<para>
- Specifies the host name of the machine on which the
- server
- is running. If the value begins with a slash, it is used
- as the directory for the Unix domain socket.
+ Specifies the host name of the machine on which the
+ server
+ is running. If the value begins with a slash, it is used
+ as the directory for the Unix domain socket.
</para>
</listitem>
</varlistentry>
@@ -217,9 +280,9 @@ PostgreSQL documentation
<term><option>--port <replaceable class="parameter">port</replaceable></></term>
<listitem>
<para>
- Specifies the TCP port or local Unix domain socket file
- extension on which the server
- is listening for connections.
+ Specifies the TCP port or local Unix domain socket file
+ extension on which the server
+ is listening for connections.
</para>
</listitem>
</varlistentry>
@@ -272,8 +335,8 @@ PostgreSQL documentation
<title>Diagnostics</title>
<para>
- In case of difficulty, see <xref linkend="SQL-CREATEUSER"
- endterm="sql-createuser-title"> and <xref linkend="APP-PSQL"> for
+ In case of difficulty, see <xref linkend="SQL-CREATEROLE"
+ endterm="sql-createrole-title"> and <xref linkend="APP-PSQL"> for
discussions of potential problems and error messages.
The database server must be running at the
targeted host. Also, any default connection settings and environment
@@ -292,8 +355,9 @@ PostgreSQL documentation
server:
<screen>
<prompt>$ </prompt><userinput>createuser joe</userinput>
-<computeroutput>Shall the new user be allowed to create databases? (y/n) </computeroutput><userinput>n</userinput>
-<computeroutput>Shall the new user be allowed to create more new users? (y/n) </computeroutput><userinput>n</userinput>
+<computeroutput>Shall the new role be a superuser? (y/n) </computeroutput><userinput>n</userinput>
+<computeroutput>Shall the new role be allowed to create databases? (y/n) </computeroutput><userinput>n</userinput>
+<computeroutput>Shall the new role be allowed to create more new roles? (y/n) </computeroutput><userinput>n</userinput>
<computeroutput>CREATE USER</computeroutput>
</screen>
</para>
@@ -303,9 +367,9 @@ PostgreSQL documentation
server on host <literal>eden</>, port 5000, avoiding the prompts and
taking a look at the underlying command:
<screen>
-<prompt>$ </prompt><userinput>createuser -h eden -p 5000 -D -A -e joe</userinput>
-<computeroutput>CREATE USER joe NOCREATEDB NOCREATEUSER;</computeroutput>
-<computeroutput>CREATE USER</computeroutput>
+<prompt>$ </prompt><userinput>createuser -h eden -p 5000 -S -D -R -e joe</userinput>
+<computeroutput>CREATE ROLE joe NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;</computeroutput>
+<computeroutput>CREATE ROLE</computeroutput>
</screen>
</para>
@@ -313,11 +377,11 @@ PostgreSQL documentation
To create the user <literal>joe</literal> as a superuser,
and assign a password immediately:
<screen>
-<prompt>$ </prompt><userinput>createuser -P -d -a -e joe</userinput>
-<computeroutput>Enter password for new user: </computeroutput><userinput>xyzzy</userinput>
+<prompt>$ </prompt><userinput>createuser -P -s -e joe</userinput>
+<computeroutput>Enter password for new role: </computeroutput><userinput>xyzzy</userinput>
<computeroutput>Enter it again: </computeroutput><userinput>xyzzy</userinput>
-<computeroutput>CREATE USER joe PASSWORD 'xyzzy' CREATEDB CREATEUSER;</computeroutput>
-<computeroutput>CREATE USER</computeroutput>
+<computeroutput>CREATE ROLE joe PASSWORD 'xyzzy' SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN;</computeroutput>
+<computeroutput>CREATE ROLE</computeroutput>
</screen>
In the above example, the new password isn't actually echoed when typed,
but we show what was typed for clarity. However the password
@@ -333,7 +397,7 @@ PostgreSQL documentation
<simplelist type="inline">
<member><xref linkend="app-dropuser"></member>
- <member><xref linkend="sql-createuser" endterm="sql-createuser-title"></member>
+ <member><xref linkend="sql-createrole" endterm="sql-createrole-title"></member>
<member>Environment Variables (<xref linkend="libpq-envars">)</member>
</simplelist>
</refsect1>
diff --git a/src/bin/scripts/createuser.c b/src/bin/scripts/createuser.c
index db85837952d9864eb6934f6ff84e8670d7acbaeb..eba4d1be52238078b1e920428e6d2ffbf3d9bfda 100644
--- a/src/bin/scripts/createuser.c
+++ b/src/bin/scripts/createuser.c
@@ -5,7 +5,7 @@
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.17 2005/06/21 04:02:33 tgl Exp $
+ * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.18 2005/08/14 20:16:03 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -30,9 +30,18 @@ main(int argc, char *argv[])
{"quiet", no_argument, NULL, 'q'},
{"createdb", no_argument, NULL, 'd'},
{"no-createdb", no_argument, NULL, 'D'},
+ {"superuser", no_argument, NULL, 's'},
+ {"no-superuser", no_argument, NULL, 'S'},
+ {"createrole", no_argument, NULL, 'r'},
+ {"no-createrole", no_argument, NULL, 'R'},
+ {"inherit", no_argument, NULL, 'i'},
+ {"no-inherit", no_argument, NULL, 'I'},
+ {"login", no_argument, NULL, 'l'},
+ {"no-login", no_argument, NULL, 'L'},
+ /* adduser is obsolete, undocumented spelling of superuser */
{"adduser", no_argument, NULL, 'a'},
{"no-adduser", no_argument, NULL, 'A'},
- {"sysid", required_argument, NULL, 'i'},
+ {"conn-limit", required_argument, NULL, 'c'},
{"pwprompt", no_argument, NULL, 'P'},
{"encrypted", no_argument, NULL, 'E'},
{"unencrypted", no_argument, NULL, 'N'},
@@ -51,8 +60,11 @@ main(int argc, char *argv[])
bool echo = false;
bool quiet = false;
int createdb = 0;
- int adduser = 0;
- char *sysid = NULL;
+ int superuser = 0;
+ int createrole = 0;
+ int inherit = 0;
+ int login = 0;
+ char *conn_limit = NULL;
bool pwprompt = false;
int encrypted = 0; /* 0 uses server default */
char *newpassword = NULL;
@@ -67,7 +79,8 @@ main(int argc, char *argv[])
handle_help_version_opts(argc, argv, "createuser", help);
- while ((c = getopt_long(argc, argv, "h:p:U:WeqaAdDi:PEN", long_options, &optindex)) != -1)
+ while ((c = getopt_long(argc, argv, "h:p:U:WeqdDsSaArRiIlLc:PEN",
+ long_options, &optindex)) != -1)
{
switch (c)
{
@@ -89,20 +102,40 @@ main(int argc, char *argv[])
case 'q':
quiet = true;
break;
- case 'a':
- adduser = +1;
- break;
- case 'A':
- adduser = -1;
- break;
case 'd':
createdb = +1;
break;
case 'D':
createdb = -1;
break;
+ case 's':
+ case 'a':
+ superuser = +1;
+ break;
+ case 'S':
+ case 'A':
+ superuser = -1;
+ break;
+ case 'r':
+ createrole = +1;
+ break;
+ case 'R':
+ createrole = -1;
+ break;
case 'i':
- sysid = optarg;
+ inherit = +1;
+ break;
+ case 'I':
+ inherit = -1;
+ break;
+ case 'l':
+ login = +1;
+ break;
+ case 'L':
+ login = -1;
+ break;
+ case 'c':
+ conn_limit = optarg;
break;
case 'P':
pwprompt = true;
@@ -133,26 +166,15 @@ main(int argc, char *argv[])
exit(1);
}
- if (sysid)
- {
- char *endptr;
-
- if (strtol(sysid, &endptr, 10) <= 0 || *endptr != '\0')
- {
- fprintf(stderr, _("%s: user ID must be a positive number\n"), progname);
- exit(1);
- }
- }
-
if (newuser == NULL)
- newuser = simple_prompt("Enter name of user to add: ", 128, true);
+ newuser = simple_prompt("Enter name of role to add: ", 128, true);
if (pwprompt)
{
char *pw1,
*pw2;
- pw1 = simple_prompt("Enter password for new user: ", 100, false);
+ pw1 = simple_prompt("Enter password for new role: ", 100, false);
pw2 = simple_prompt("Enter it again: ", 100, false);
if (strcmp(pw1, pw2) != 0)
{
@@ -163,33 +185,61 @@ main(int argc, char *argv[])
free(pw2);
}
+ if (superuser == 0)
+ {
+ char *reply;
+
+ reply = simple_prompt("Shall the new role be a superuser? (y/n) ", 1, true);
+ if (check_yesno_response(reply) == 1)
+ superuser = +1;
+ else
+ superuser = -1;
+ }
+
+ if (superuser == +1)
+ {
+ /* Not much point in trying to restrict a superuser */
+ createdb = +1;
+ createrole = +1;
+ }
+
if (createdb == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create databases? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create databases? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
createdb = +1;
else
createdb = -1;
}
- if (adduser == 0)
+ if (createrole == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create more new users? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create more new roles? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
- adduser = +1;
+ createrole = +1;
else
- adduser = -1;
+ createrole = -1;
+ }
+
+ if (inherit == 0)
+ {
+ /* silently default to YES */
+ inherit = +1;
+ }
+
+ if (login == 0)
+ {
+ /* silently default to YES */
+ login = +1;
}
initPQExpBuffer(&sql);
- printfPQExpBuffer(&sql, "CREATE USER %s", fmtId(newuser));
- if (sysid)
- appendPQExpBuffer(&sql, " SYSID %s", sysid);
+ printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
if (newpassword)
{
if (encrypted == +1)
@@ -199,14 +249,28 @@ main(int argc, char *argv[])
appendPQExpBuffer(&sql, " PASSWORD ");
appendStringLiteral(&sql, newpassword, false);
}
+ if (superuser == +1)
+ appendPQExpBuffer(&sql, " SUPERUSER");
+ if (superuser == -1)
+ appendPQExpBuffer(&sql, " NOSUPERUSER");
if (createdb == +1)
appendPQExpBuffer(&sql, " CREATEDB");
if (createdb == -1)
appendPQExpBuffer(&sql, " NOCREATEDB");
- if (adduser == +1)
- appendPQExpBuffer(&sql, " CREATEUSER");
- if (adduser == -1)
- appendPQExpBuffer(&sql, " NOCREATEUSER");
+ if (createrole == +1)
+ appendPQExpBuffer(&sql, " CREATEROLE");
+ if (createrole == -1)
+ appendPQExpBuffer(&sql, " NOCREATEROLE");
+ if (inherit == +1)
+ appendPQExpBuffer(&sql, " INHERIT");
+ if (inherit == -1)
+ appendPQExpBuffer(&sql, " NOINHERIT");
+ if (login == +1)
+ appendPQExpBuffer(&sql, " LOGIN");
+ if (login == -1)
+ appendPQExpBuffer(&sql, " NOLOGIN");
+ if (conn_limit != NULL)
+ appendPQExpBuffer(&sql, " CONNECTION LIMIT %s", conn_limit);
appendPQExpBuffer(&sql, ";\n");
conn = connectDatabase("postgres", host, port, username, password, progname);
@@ -217,7 +281,7 @@ main(int argc, char *argv[])
if (PQresultStatus(result) != PGRES_COMMAND_OK)
{
- fprintf(stderr, _("%s: creation of new user failed: %s"),
+ fprintf(stderr, _("%s: creation of new role failed: %s"),
progname, PQerrorMessage(conn));
PQfinish(conn);
exit(1);
@@ -226,7 +290,7 @@ main(int argc, char *argv[])
PQfinish(conn);
if (!quiet)
{
- puts("CREATE USER");
+ puts("CREATE ROLE");
fflush(stdout);
}
exit(0);
@@ -236,18 +300,25 @@ main(int argc, char *argv[])
static void
help(const char *progname)
{
- printf(_("%s creates a new PostgreSQL user.\n\n"), progname);
+ printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
printf(_("Usage:\n"));
printf(_(" %s [OPTION]... [USERNAME]\n"), progname);
printf(_("\nOptions:\n"));
- printf(_(" -a, --adduser user can add new users\n"));
- printf(_(" -A, --no-adduser user cannot add new users\n"));
- printf(_(" -d, --createdb user can create new databases\n"));
- printf(_(" -D, --no-createdb user cannot create databases\n"));
- printf(_(" -P, --pwprompt assign a password to new user\n"));
+ printf(_(" -s, --superuser role will be superuser\n"));
+ printf(_(" -S, --no-superuser role will not be superuser\n"));
+ printf(_(" -d, --createdb role can create new databases\n"));
+ printf(_(" -D, --no-createdb role cannot create databases\n"));
+ printf(_(" -r, --createrole role can create new roles\n"));
+ printf(_(" -R, --no-createrole role cannot create roles\n"));
+ printf(_(" -l, --login role can login (default)\n"));
+ printf(_(" -L, --no-login role cannot login\n"));
+ printf(_(" -i, --inherit role inherits permissions of roles\n"));
+ printf(_(" it is a member of (default)\n"));
+ printf(_(" -I, --no-inherit role does not inherit permissions\n"));
+ printf(_(" -c, --conn-limit=N max connections for role (default: no limit)\n"));
+ printf(_(" -P, --pwprompt assign a password to new role\n"));
printf(_(" -E, --encrypted encrypt stored password\n"));
printf(_(" -N, --unencrypted do not encrypt stored password\n"));
- printf(_(" -i, --sysid=SYSID select sysid for new user\n"));
printf(_(" -e, --echo show the commands being sent to the server\n"));
printf(_(" -q, --quiet don't write any messages\n"));
printf(_(" --help show this help, then exit\n"));
@@ -257,7 +328,7 @@ help(const char *progname)
printf(_(" -p, --port=PORT database server port\n"));
printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
printf(_(" -W, --password prompt for password to connect\n"));
- printf(_("\nIf one of -a, -A, -d, -D, and USERNAME is not specified, you will\n"
- "be prompted interactively.\n"));
+ printf(_("\nIf one of -s, -S, -d, -D, -r, -R and USERNAME is not specified,\n"
+ "you will be prompted interactively.\n"));
printf(_("\nReport bugs to <pgsql-bugs@postgresql.org>.\n"));
}