> rhaas=# create user bob; > CREATE ROLE > rhaas=# create schema we_like_bob; > CREATE SCHEMA > rhaas=# alter default privileges for role bob in schema we_like_bob > grant select on tables to bob; > ERROR: permission denied for schema we_like_bob > rhaas=# grant create on schema we_like_bob to bob; > GRANT > rhaas=# alter default privileges for role bob in schema we_like_bob > grant select on tables to bob; > ALTER DEFAULT PRIVILEGES
Hmmmm. Must have got something tangled up there; starting over with a clean database and new users I got it to work. I'll see if I can reproduce the issue I'm getting on my production schema. This moves the general brokenness of this feature from a bug to (a) a documentation issue and (b) unusably fussy. For (a), I think we need the following line in the docs: DEFAULT PRIVILEGES may only be granted to a ROLE which already has CREATE permission on the specified schema. For (b), I'll take it up in the 9.4 dev cycle. -- Josh Berkus PostgreSQL Experts Inc. http://pgexperts.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
