版权声明:本文为博主原创文章,转载请标明出处。 https://blog.csdn.net/ctypyb2002/article/details/85341101
os: ubuntu 16.04
db: postgresql 9.6.8
创建用例
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# create database peiybdb;
postgres=# revoke all privileges on database peiybdb from public; #database禁用public权限
postgres=# \c peiybdb;
peiybdb=# create schema peiyb;
peiybdb=# revoke all privileges on schema public from public; #database禁用public权限
peiybdb=# revoke all privileges on schema peiyb from public; #database禁用public权限
peiybdb=# create table peiyb.tmp_t0(c0 varchar(100),c1 varchar(100));
peiybdb=# insert into peiyb.tmp_t0 select id::varchar,id::varchar from generate_series(1,10) as id;
上面创建的 database,public schema 移除了 public 。
只读用户,只读指定schema
peiybdb=# create user usr_readonly with password 'usr_readonly';
peiybdb=# alter user usr_readonly set default_transaction_read_only=on;
peiybdb=#
peiybdb=# grant connect,temporary,temp on database peiybdb to usr_readonly;
peiybdb=# grant usage on schema peiyb,public to usr_readonly;
peiybdb=# grant select on all tables in schema peiyb,public to usr_readonly;
peiybdb=#
peiybdb=# alter default privileges in schema peiyb,public grant select on tables to usr_readonly;
peiybdb=#