I'm setting up postgres backend for Airflow metadata DB using the following sqlalchemy connection string:
sql_alchemy_conn = postgresql+psycopg2://<user>:<pass>#<host>:5432/<db>
When I run initdb/upgradedb, the tables are created in public schema.
Is there a way to create the tables in a specified schema?
Can the schema where I would like the tables to be created be specified as part of the connection string?
From the docs:
Also note that since SqlAlchemy does not expose a way to target a specific schema in the Postgres connection URI, you may want to set a default schema for your role with a command similar to ALTER ROLE username SET search_path = airflow, foobar;
So, connect to postgres, and set the search path for your user.
Related
I just installed a new Postgresql 15 server on Debian 11 and configured postgresql.conf to allow remote connections by un-commenting the following line.
listen_addresses = '*'
I also created a new user and database using the commands below
su postgres psql
postgres=# create database exampledomain;
postgres=# create user exampledomain with encrypted password 'mypassword';
postgres=# grant all privileges on database exampledomain to exampledomain;
I also added the following line to pg_hba.conf so the new user can connect from a remote connection
host exampledomain exampledomain 0.0.0.0/0 md5
I am able to connect to the exampledomain database using username "exampledomain". However when trying to create a new table under the public schema using DBeaver
CREATE TABLE public.newtable (
id varchar NULL
);
I get the following message
ERROR: permission denied for schema public
Position: 14
With older versions of Postgresql, that's all the steps I had to do in order to create tables. With Postgresql 15 do I need to any additional steps?
With Postgresql 15 do I need to any additional steps?
Yes. Postgres 15 changed the permissions on the public schema for security reasons:
Quote from the release notes
Remove PUBLIC creation permission on the public schema (Noah Misch)
The new default is one of the secure schema usage patterns that Section 5.9.6 has recommended since the security release for CVE-2018-1058. The change applies to new database clusters and to newly-created databases in existing clusters. Upgrading a cluster or restoring a database dump will preserve public's existing permissions.
For existing databases, especially those having multiple users, consider revoking CREATE permission on the public schema to adopt this new default. For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases.
So if you want a user to be able to create table in the public schema, you need to grant those privileges:
grant usage,create on schema public to exampledomain
I've cloned this Github repository PostgreSQL VM via Vagrant. Been trying to create a new schema test but it always ends up under postgres database. Considering the create database is named myapp, how can I create the test schema under myapp database?
I've been trying to add this script under the Vagrant-setup/bootstrap.sh.
cat << EOF | su - postgres -c psql myapp
create schema test;
EOF
As a reference it may help to check your connection string in order to ensure you are connected to the right database. The official postgresql documentation is quite helpful here:
https://www.postgresql.org/docs/current/libpq-connect.html
This may help as well for understanding the format:
What is the format for the PostgreSQL connection string / URL?
Outside of that you will have to ensure permissions are set appropriately for the user to create schemas in the database and to configure the search_path for easy access to objects under the schema.
I have existing schema for prisma.
I copied the table from another schema to be included in the Prisma schema.
But when I run prisma db pull new table doesn't appear in Prisma schema.
Why?
If you use supabase and running this command and it returns something like this 'The following models were commented out because we couldn't retrieve columns for them. Please check your privileges.' or something similar regarding privileges, the solution is to go to your SQL editor from supabase and put this command and execute it
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO postgres;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO postgres;
You're misinterpreting the function of the prisma db pull command.
From the docs
The db pull command connects to your database and adds Prisma models to your Prisma schema that reflect the current database schema.
Basically, it will make your Prisma schema match the existing database schema. What you want is the opposite here: Update the database schema to match the current Prisma schema.
You can do this in two ways:
If you want to update the database and keep the changes in your migration history, use the prisma migrate dev command. More Info
If you just want to update the database without creating a migration, use the prisma db push command. More info
More information is available in the docs explaining how you should choose between 1 and 2.
I had a similar issue once and a quick check confirmed for me that it was the lack of security permissions granted for prisma on new table in the database itself.
Try this:
Note the name of the database user that Prisma connects to the database with. You'll likely find this via your schema.prisma file, or perhaps via a DATABASE_URL config setting in the related .env file if you're using that with prisma.
Go into the database itself and ensure that database user which Prisma connects with has been granted sufficient security privileges to that new table. (note: what 'sufficient' is I cannot say since it depends on your own needs. At a guess, I'd say at least 'select' permission would be needed.)
Once you've ensure that user has sufficient privileges, try running a prisma db pull command once again.
For reference, another thing you could do is:
cross-check against one of the other tables that is already in your database that works correctly with prisma.
compare the security privileges of that old table with the security privileges of the new table and see if there are any differences.
I had a foreign table set up in Postgres 10. The role "role1" has been granted usage on the foreign server (fs) that was set up using the postgres superuser.
I imported the table using the import schema command:
IMPORT FOREIGN SCHEMA f_schema LIMIT TO (my_fdw_table) FROM fs INTO ls;
That worked fine.
However, when I try to query the table I get the following error:
SELECT * FROM my_fdw_table LIMIT 1;
ERROR: permission denied for view my_fdw_table
CONTEXT: remote SQL command: ...
My understanding is that FDW should treat views and tables the same.
It looks like the remote user that you used in the user mapping for your local user and the foreign server does not have the required permissions on the table (or the schema that contains it).
User "role1" should create user mapping for itself like:
CREATE USER MAPPING FOR role1 SERVER fs OPTIONS (USER 'role1', PASSWORD 'password1');
IMPORT FOREIGN SCHEMA f_schema LIMIT TO (my_fdw_table) FROM SERVER fs INTO ls;
Also, if "role1" is not an owner of the database, it should get access from its owner:
GRANT USAGE ON SCHEMA ls TO role1;
Assuming ls is local schema.
Can I change PostgreSQL database schema in WSO2 IS? For default, it is public, but I want to change it to my custom one.
Please, help.
EXPLANATION:
I connected PostgreSQL database as primary database into WSO2 IS. First run wso2server.bat with -Dsetup parameter and all database tables was created in public schema of connected database.
I hope, that I can change default public schema to my own, for example wso2.
Yes it's possible. You have to modify the db scripts to use the custom schema with following line at the scripts.
SET search_path TO wso2;
Then set the search_path to include the schema you are using.
Refer the post here for more detailed steps.