非超级用户数据库管理

Question

I am using the PostgreSql manual and other guides to setup my database environment. So far things are looking good, but I am wondering if I have a problem.

I am trying to apply this: Tip It is good practice to create a role that has the CREATEDB and CREATEROLE privileges, but is not a superuser, and then use this role for all routine management of databases and roles. This approach avoids the dangers of operating as a superuser for tasks that do not really require it.

I have already created a user for this role.

createuser --interactive --pwprompt
Enter name of role to add: Manager
Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) y

...and connected to an already existing database as the new user (Manager) Or so I thought.

psql -d test
Password for user postgres:
psql (11.2)
WARNING: Console code page (437) differs from Windows code page (1252)
         8-bit characters might not work correctly. See psql reference
         page "Notes for Windows users" for details.
Type "help" for help.

test=# \c test Manager
Password for user Manager
WARNING: Console code page (437) differs from Windows code page (1252)
         8-bit characters might not work correctly. See psql reference
         page "Notes for Windows users" for details.
You are now connected to database "test" as user "Manager".
test=>

I created a table for the database "test", but on checking it,the Owner isn't Manager, but postgres.

test=> \dt
             List of relations
 Schema |     Name      | Type  |  Owner
--------+---------------+-------+----------
 public | Data-projects | table | postgres
(1 row)


test=> \dn
  List of schemas
  Name  |  Owner
--------+----------
 public | postgres
(1 row)

I am not sure if this is good. I expected the owner to be Manager. This is my first time using these tools. Can someone guide me in the right direction, please? I want Manager to manage all the databases. Wouldn't that make him owner? Thanks

Answer 1

Database test is not owned by Manager because it was created by user postgres . The user who created an object will be its owner.

However, a superuser can transfer ownership:

ALTER DATABASE test OWNED BY "Manager";

I'll give you some additional tips:

• Only use lower case letters, numbers and _ in the names of objects and users, because otherwise you always have to user double quotes for them in SQL, like I did above. That leads to needless suffering.

• Run the following to make the database more secure:

   REVOKE CREATE ON SCHEMA public FROM PUBLIC; 

• Create a new schema that will hold the objects for your application:

   CREATE SCHEMA myapp; 

• Set the search_path appropriately:

   ALTER DATABASE test SET search_path = myapp, public;