Participants
PG Bug reporting form
PG Bug reporting form
Laurenz Albe
Laurenz Albe
Attachments
Show all attachments
Thread Outline
#1PG Bug reporting formPG Bug reporting form
Jun 12, 2025
#2Laurenz AlbeLaurenz Albeto PG Bug reporting form (#1)
Jun 12, 2025

wrong statement in the https://www.postgresql.org/docs/current/predefined-roles.html

Started by PG Bug reporting form10 months ago2 messagesdocs
Jump to latest
#1PG Bug reporting form
PG Bug reporting form
noreply@postgresql.org

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/14/predefined-roles.html
Description:

Page: https://www.postgresql.org/docs/current/predefined-roles.html
Wrong statement: "Administrators (including roles that have the CREATEROLE
privilege) can GRANT these roles to users and/or other roles in their
environment, providing those users with access to the specified capabilities
and information."
Suggested statement: "SUPERUSER or roles granted with the ADMIN option on
the particular predifined roles can GRANT these roles other roles, providing
those users with access to the specified capabilities and information."
Testcase:
postgres=> create role bob;
CREATE ROLE
postgres=> grant pg_checkpoint to bob;
ERROR: permission denied to grant role "pg_checkpoint"
DETAIL: Only roles with the ADMIN option on role "pg_checkpoint" may grant
this role.
postgres=> grant pg_create_subscription to bob;
ERROR: permission denied to grant role "pg_create_subscription"
DETAIL: Only roles with the ADMIN option on role "pg_create_subscription"
may grant this role.

#2Laurenz Albe
Laurenz Albe
laurenz.albe@cybertec.at
In reply to: PG Bug reporting form (#1)
Re: wrong statement in the https://www.postgresql.org/docs/current/predefined-roles.html

On Thu, 2025-06-12 at 08:19 +0000, PG Doc comments form wrote:

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/14/predefined-roles.html
Description:

Page: https://www.postgresql.org/docs/current/predefined-roles.html
Wrong statement: "Administrators (including roles that have the CREATEROLE
privilege) can GRANT these roles to users and/or other roles in their
environment, providing those users with access to the specified capabilities
and information."
Suggested statement: "SUPERUSER or roles granted with the ADMIN option on
the particular predifined roles can GRANT these roles other roles, providing
those users with access to the specified capabilities and information."
Testcase:
postgres=> create role bob;
CREATE ROLE
postgres=> grant pg_checkpoint to bob;
ERROR: permission denied to grant role "pg_checkpoint"
DETAIL: Only roles with the ADMIN option on role "pg_checkpoint" may grant
this role.
postgres=> grant pg_create_subscription to bob;
ERROR: permission denied to grant role "pg_create_subscription"
DETAIL: Only roles with the ADMIN option on role "pg_create_subscription"
may grant this role.

+1

That looks like a clear oversight.

Yours,
Laurenz Albe

← Back to Topics