From 6c1261465470f1487fba0f3439bbdf3ff2cea818 Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Fri, 29 Dec 2023 15:32:45 +0300 Subject: Adjust installation notes/script to comply with PostgreSQL 15 and above --- INSTALL | 11 +++++++++++ INSTALL-DEV | 11 +++++++++++ etc/private/install/brep-install | 9 +++++++++ 3 files changed, 31 insertions(+) diff --git a/INSTALL b/INSTALL index ebcf851..79d698f 100644 --- a/INSTALL +++ b/INSTALL @@ -171,6 +171,17 @@ CREATE USER MAPPING FOR PUBLIC SERVER package_server OPTIONS (user 'brep-build', password '-'); +Note that starting with PostgreSQL 15 only the database owner can create the +objects in the public schema by default. Thus, if the PostgreSQL version is 15 +or above, then all the privileges on this schema in the created databases need +to be granted explicitly by the postgres user to the brep user: + +\c brep_package +GRANT ALL PRIVILEGES ON SCHEMA public TO brep; + +\c brep_build +GRANT ALL PRIVILEGES ON SCHEMA public TO brep; + Exit psql (^D) The user brep-build is required (by the postgres_fdw extension) to login with diff --git a/INSTALL-DEV b/INSTALL-DEV index ee9f980..8ebc5a3 100644 --- a/INSTALL-DEV +++ b/INSTALL-DEV @@ -55,6 +55,17 @@ CREATE USER "www-data" INHERIT IN ROLE ; CREATE USER "brep-build" INHERIT IN ROLE PASSWORD '-'; +Note that starting with PostgreSQL 15 only the database owner can create the +objects in the public schema by default. Thus, if the PostgreSQL version is 15 +or above, then all the privileges on this schema in the created databases need +to be granted explicitly by the postgres user to : + +\c brep_package +GRANT ALL PRIVILEGES ON SCHEMA public TO ; + +\c brep_build +GRANT ALL PRIVILEGES ON SCHEMA public TO ; + Exit psql (^D), then make sure the logins work: $ psql -d brep_package diff --git a/etc/private/install/brep-install b/etc/private/install/brep-install index 29c3310..37179c2 100755 --- a/etc/private/install/brep-install +++ b/etc/private/install/brep-install @@ -271,6 +271,12 @@ GRANT ALL PRIVILEGES ON DATABASE brep_package, brep_build TO brep; CREATE USER "www-data" INHERIT IN ROLE brep; CREATE USER "brep-build" INHERIT IN ROLE brep PASSWORD '-'; + +\c brep_package +GRANT ALL PRIVILEGES ON SCHEMA public TO brep; + +\c brep_build +GRANT ALL PRIVILEGES ON SCHEMA public TO brep; EOF # Create the "staging" package database for the submit-pub package submission @@ -284,6 +290,9 @@ LC_COLLATE 'en_US.UTF8' LC_CTYPE 'en_US.UTF8'; GRANT ALL PRIVILEGES ON DATABASE brep_submit_package TO brep; + +\c brep_submit_package +GRANT ALL PRIVILEGES ON SCHEMA public TO brep; EOF # Make sure the 'brep' and Apache2 user's logins work properly. -- cgit v1.1