With the postgres user, I can select the table users from the production database.
sudo -u postgres psql
\c production
You are now connected to database "production" as user "postgres".
select * from users;
....the server lists the content of the table...
The problem I have is that if I create a new user and grant access to the users, the new user cannot select it.
More especifically, I create a new user myuser and add all the privileges to the production database and to the public schema.
CREATE USER myuser WITH PASSWORD '12345678';
GRANT ALL PRIVILEGES ON DATABASE production to myuser;
GRANT
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO myuser;
GRANT
Then, I quit, log in with the new created user myuser, and choose the production database.
\q
psql -h localhost -p 5432 -d production -U myuser
\c production
But, when I try to select table users, I don't have permissions.
What's the problem?
select * from users;
ERROR: permission denied for relation users
Any help is much appreciated.
Running drop owned by <username>; gives me ERROR: permission denied to drop objects. I can login/create/insert/update/alter etc fine.
Created the db and role like so:
sudo psql -U postgres
CREATE USER <username> WITH PASSWORD '<password>';
CREATE DATABASE <dbname> OWNER <username> ;
Looking up the problem, these are some of the things I ran that did not solve the issue:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO <username>;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO <username>;
GRANT ALL PRIVILEGES ON DATABASE <dbname> to <username>;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO <username>;
Only the owner, or a superuser, can drop an object. There is no privilege which allows dropping of an object, hence this is not something which can be granted to others.
Here is what I did:
Create user:
CREATE USER user1 WITH PASSWORD 'userpass';
Create database with owner:
createdb -U postgres database1 -O user1
But the user user1 cannot run select statements. I have to do:
GRANT SELECT ON ALL TABLES IN SCHEMA public TO user1;
GRANT USAGE ON SCHEMA public TO user1;
Why it is happening so? Any way to grant all privileges including select to user while creating database. Is owner doesn't mean he can run select queries? How to simplify this? Thanks.
I entered postgres console with sudo and did this:
create user uu with password 'uu';
create database u_db owner uu;
grant all privileges on u_db to uu;
Error: Relation u_db doesnt exist.
You have to use the keyword DATABASE for granting here. So I'm posting you the output from psql in:
postgres=# create user uu with password 'uu';
CREATE ROLE
postgres=# create database u_db owner uu;
CREATE DATABASE
postgres=# grant all privileges on u_db to uu;
FEHLER: Relation »u_db« existiert nicht
postgres=# grant all privileges on database u_db to uu;
GRANT
However. IMHO through the owner setting of database you don't need to grant extra rights for the user uu.
I tried to run simple SQL command:
select * from site_adzone;
and I got this error
ERROR: permission denied for relation site_adzone
What could be the problem here?
I tried also to do select for other tables and got same issue. I also tried to do this:
GRANT ALL PRIVILEGES ON DATABASE jerry to tom;
but I got this response from console
WARNING: no privileges were granted for "jerry"
Does anyone have any idea what can be wrong?
GRANT on the database is not what you need. Grant on the tables directly.
Granting privileges on the database mostly is used to grant or revoke connect privileges. This allows you to specify who may do stuff in the database if they have sufficient other permissions.
You want instead:
GRANT ALL PRIVILEGES ON TABLE side_adzone TO jerry;
This will take care of this issue.
Posting Ron E answer for grant privileges on all tables as it might be useful to others.
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO jerry;
Connect to the right database first, then run:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO jerry;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public to jerry;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public to jerry;
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public to jerry;
1st and important step is connect to your db:
psql -d yourDBName
2 step, grant privileges
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO userName;
To grant permissions to all of the existing tables in the schema use:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA <schema> TO <role>
To specify default permissions that will be applied to future tables use:
ALTER DEFAULT PRIVILEGES IN SCHEMA <schema>
GRANT <privileges> ON TABLES TO <role>;
e.g.
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO admin;
If you use SERIAL or BIGSERIAL columns then you will probably want to do the same for SEQUENCES, or else your INSERT will fail (Postgres 10's IDENTITY doesn't suffer from that problem, and is recommended over the SERIAL types), i.e.
ALTER DEFAULT PRIVILEGES IN SCHEMA <schema> GRANT ALL ON SEQUENCES TO <role>;
See also my answer to PostgreSQL Permissions for Web App for more details and a reusable script.
Ref:
GRANT
ALTER DEFAULT PRIVILEGES
This frequently happens when you create a table as user postgres and then try to access it as an ordinary user.
In this case it is best to log in as the postgres user and change the ownership of the table with the command:
alter table <TABLE> owner to <USER>;
Make sure you log into psql as the owner of the tables.
to find out who own the tables use \dt
psql -h CONNECTION_STRING DBNAME -U OWNER_OF_THE_TABLES
then you can run the GRANTS
You should:
connect to the database by means of the DBeaver with postgres user
on the left tab open your database
open Roles tab/dropdown
select your user
on the right tab press 'Permissions tab'
press your schema tab
press tables tab/dropdown
select all tables
select all required permissions checkboxes (or press Grant All)
press Save
As you are looking for select permissions, I would suggest you to grant only select rather than all privileges. You can do this by:
GRANT SELECT ON <table> TO <role>;
I ran into this after switching a user to another user that also needed to have the same rights, I kept getting the error: "must be owner of relation xx"
fix was to simply give all rights from old user to new user:
postgres-# Grant <old user> to <new user>;
For PostgreSQL. On bash terminal, run this:
psql db_name -c "GRANT ALL ON ALL TABLES IN SCHEMA public to db_user;"
psql db_name -c "GRANT ALL ON ALL SEQUENCES IN SCHEMA public to db_user;"
psql db_name -c "GRANT ALL ON ALL FUNCTIONS IN SCHEMA public to db_user;"