Is it true that it is IMPOSSIBLE to create a readonly backup user in PostgreSQL?
I've been advised on an IRC channel that you simply can't have a backup only user with no ownership privileges. I find it very strange so I want to make sure I'm not missing something.
Below is what I tried but it doesn't give me the results I'm looking for. When I do pg_dump
on a given table I'm getting Permission denied for relation...
:
GRANT SELECT ON ALL TABLES IN SCHEMA public TO backup;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO backup;
GRANT SELECT, USAGE ON ALL SEQUENCES IN SCHEMA public TO backup;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES TO backup;
Any help would be greatly appreciated!
Best Answer
No, it's easy (now anyway).
Grant the connect permission on a new user
Grant the permissions on all the current database objects. This is schema-specific, and you'll have to run one copy for every schema you wish for your user to use,
From the docs,
ALL TABLES
includes everything you'd want.Then
ALTER DEFAULT PRIVLEGES
to grant futureSELECT
privileges for objects not yet created.