堆栈内存溢出
  简体   繁体   English

权限被拒绝复制数据库

[英]Permission denied to copy database

 原文  2017-08-18 23:12:58       postgresql/ roles/ postgresql-9.5

问题描述

I'm still getting used to the concept of roles in Postgres. 我仍然习惯于Postgres中的角色概念。

I'm trying to create a role, migrator , that will have the ability to read from a production db and use it as a template to make stage and dev databases. 我正在尝试创建一个角色, migrator ,它将能够从生产数据库中读取并将其用作模板来创建stage和dev数据库。

I've created this role migrator originally like so: 我最初创建了这个角色migrator

CREATE ROLE migrator LOGIN ENCRYPTED PASSWORD '<password>'

and proceeded to restrict access to the prod database: 并继续限制对prod数据库的访问: 

REVOKE ALL ON DATABASE prod FROM PUBLIC;
GRANT CONNECT ON DATABASE prod TO migrator;
/* switch to prod database */
GRANT USAGE ON SCHEMA public TO migrator;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO migrator;
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO migrator;

After trying a CREATE DATABASE stage TEMPLATE prod; 在尝试CREATE DATABASE stage TEMPLATE prod; and getting an error, I had to alter the role to create a db: 并且得到一个错误,我不得不改变角色来创建一个db: 

ALTER ROLE migrator CREATEDB;

and tried again. 并再次尝试。 This time I got the error: ERROR: permission denied to copy database "prod" 这次我收到错误: ERROR: permission denied to copy database "prod"

And again, I tried to add the replication permission to the migrator role (not sure if this is correct, as the manual says this is a very elevated permission) 我再次尝试将复制权限添加到迁移器角色(不确定这是否正确,因为手册中说这是一个非常高级的权限) 

ALTER ROLE migrator REPLICATION;

however, I still get the same error. 但是,我仍然得到同样的错误。

UPDATE: I've figured out that this has something to do with who owns the database; 更新:我发现这与谁拥有数据库有关; however, my problem remains. 但是,我的问题仍然存在。 How can I allow another role with just READ privileges the ability to copy a database as well? 如何只允许具有READ权限的其他角色复制数据库? I looked at role inheritance, but at first glance it looks like the inheriting role will just get the same permissions as the parent role. 我查看了角色继承,但初看起来, 继承角色看起来只会获得与父角色相同的权限。

1 个解决方案

解决方案1
 2 已采纳  2017-08-21 19:08:19

It's not possible to copy a database unless the logged-in role is an owner or the database is flagged as a template : 除非登录角色是所有者或数据库被标记为模板,否则无法复制数据库:

datistemplate can be set to indicate that a database is intended as a template for CREATE DATABASE. 可以设置datistemplate以指示数据库是否用作CREATE DATABASE的模板。 If this flag is set, the database can be cloned by any user with CREATEDB privileges; 如果设置了此标志,则具有CREATEDB权限的任何用户都可以克隆数据库; if it is not set, only superusers and the owner of the database can clone it. 如果未设置,则只有超级用户和数据库的所有者才能克隆它。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 createdb:拒绝创建数据库的权限 - createdb: permission denied to create database 对数据库“ postgres”的Heroku权限被拒绝 - Heroku permission denied for database “postgres” AWS Ec2 postgres \\ copy…:权限被拒绝 - AWS Ec2 postgres \copy…: permission denied Postgresql 从 Windows 复制的权限被拒绝 - Postgresql Permission denied for Copy from on Windows PostgreSQL 9.6 数据库上的关系权限被拒绝 - Permission denied for relation on PostgreSQL 9.6 database 在 Django 中创建数据库测试视图的权限被拒绝 - Permission denied to create database testing views in Django 在 Postges 数据库中存储图像的问题 - 权限被拒绝 - Issue storing images in Postges database - permission denied COPY 中的权限被拒绝,将 ec2 上的 postgres 逻辑复制到 postgres rds - permission denied in COPY, logical replication for postgres on ec2 to postgres rds postgres COPY FROM上的权限被拒绝但文件夹具有读取权限 - Permission denied on postgres COPY FROM but folders have read permissions Postgres:我正在尝试将表格复制到显示“权限被拒绝”的文件中 - Postgres: I'm trying to copy a table to a file it shows “Permission denied”
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM