diff options
Diffstat (limited to 'doc/src/sgml/ref/create_user.sgml')
| -rw-r--r-- | doc/src/sgml/ref/create_user.sgml | 432 |
1 files changed, 222 insertions, 210 deletions
diff --git a/doc/src/sgml/ref/create_user.sgml b/doc/src/sgml/ref/create_user.sgml index 3ab3e2958d5..c0891949999 100644 --- a/doc/src/sgml/ref/create_user.sgml +++ b/doc/src/sgml/ref/create_user.sgml @@ -1,187 +1,200 @@ -<REFENTRY ID="SQL-CREATEUSER"> - <REFMETA> - <REFENTRYTITLE> +<refentry id="SQL-CREATEUSER"> + <refmeta> + <refentrytitle> CREATE USER - </REFENTRYTITLE> - <REFMISCINFO>SQL - Language Statements</REFMISCINFO> - </REFMETA> - <REFNAMEDIV> - <REFNAME> + </refentrytitle> + <refmiscinfo>SQL - Language Statements</refmiscinfo> + </refmeta> + <refnamediv> + <refname> CREATE USER - </REFNAME> - <REFPURPOSE> + </refname> + <refpurpose> Creates account information for a new user - </REFPURPOSE> + </refpurpose> </refnamediv> - <REFSYNOPSISDIV> - <REFSYNOPSISDIVINFO> - <DATE>1998-09-21</DATE> - </REFSYNOPSISDIVINFO> - <SYNOPSIS> -CREATE USER<REPLACEABLE CLASS="PARAMETER"> username</REPLACEABLE> - [ WITH PASSWORD <REPLACEABLE CLASS="PARAMETER">password</REPLACEABLE> ] + <refsynopsisdiv> + <refsynopsisdivinfo> + <date>1998-09-21</date> + </refsynopsisdivinfo> + <synopsis> +CREATE USER<replaceable class="PARAMETER"> username</replaceable> + [ WITH PASSWORD <replaceable class="PARAMETER">password</replaceable> ] [ CREATEDB | NOCREATEDB ] [ CREATEUSER | NOCREATEUSER ] - [ IN GROUP <REPLACEABLE CLASS="PARAMETER">groupname</REPLACEABLE> [, ...] ] - [ VALID UNTIL '<REPLACEABLE CLASS="PARAMETER">abstime</REPLACEABLE>' ] - </SYNOPSIS> + [ IN GROUP <replaceable class="PARAMETER">groupname</replaceable> [, ...] ] + [ VALID UNTIL '<replaceable class="PARAMETER">abstime</replaceable>' ] + </synopsis> - <REFSECT2 ID="R2-SQL-CREATEUSER-1"> - <REFSECT2INFO> - <DATE>1998-09-21</DATE> - </REFSECT2INFO> - <TITLE> + <refsect2 id="R2-SQL-CREATEUSER-1"> + <refsect2info> + <date>1998-09-21</date> + </refsect2info> + <title> Inputs - </TITLE> - <PARA> - <VARIABLELIST> - <VARLISTENTRY> - <TERM> - <ReturnValue><replaceable class="parameter">username</replaceable></ReturnValue> - </TERM> - <LISTITEM> - <PARA> - The name of the user. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue><replaceable class="parameter">password</replaceable></ReturnValue> - </TERM> - <LISTITEM> - <PARA> - The WITH PASSWORD clause sets the user's password within - the "<filename>pg_shadow</filename>" table. For this reason, - <filename>"pg_shadow</filename>" is no - longer accessible to the instance of <productname>Postgres</productname> that the - <productname>Postgres</productname> user's password is initially set to NULL. - <comment>The text here has got garbled.</comment> - When a - user's password in the "<filename>pg_shadow</filename>" - table is NULL, user - authentication proceeds as it historically has (HBA, - PG_PASSWORD, etc). However, if a password is set for a - user, a new authentication system supplants any other - configured for the <productname>Postgres</productname> instance, and the password - stored in the "<filename>pg_shadow</filename>" table is used - for authentication. - For more details on how this authentication system - functions see pg_crypt(3). If the WITH PASSWORD clause is - omitted, the user's password is set to the empty - string with equates to a NULL value in the authentication - system mentioned above. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue> CREATEDB/NOCREATEDB</ReturnValue> - </TERM> - <LISTITEM> - <PARA> - These clauses define a user's ability to create databases. - If CREATEDB is specified, the user being defined will - be allowed to create his own databases. Using NOCREATEDB - will deny a user the ability to create databases. If this - clause is omitted, NOCREATEDB is used by default. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue>CREATEUSER/NOCREATEUSER</ReturnValue> - </TERM> - <LISTITEM> - <PARA> - These clauses determine whether a user will be permitted to - create new - users in an instance of <productname>Postgres</productname>. - Omitting this clause will set the user's value of this - attribute to be NOCREATEUSER. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue><replaceable class="parameter">groupname</replaceable></ReturnValue> - </TERM> - <LISTITEM> - <PARA> - A name of a group into which to insert the user as a new member. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue><replaceable class="parameter">abstime</replaceable></ReturnValue> - </TERM> - <LISTITEM> - <PARA> - The VALID UNTIL clause sets an absolute time after which the - user's <productname>Postgres</productname> login is no longer valid. Please note that - if a user does not have a password defined in the - "<filename>pg_shadow</filename>" - table, the valid until date will not be checked - during user authentication. If this clause is omitted, - a NULL value is stored in "<filename>pg_shadow</filename>" - for this attribute, - and the login will be valid for all time. - </PARA> - </LISTITEM> - </VARLISTENTRY> + </title> + <para> + <variablelist> + <varlistentry> + <term> + <returnvalue><replaceable class="parameter">username</replaceable></returnvalue> + </term> + <listitem> + <para> + The name of the user. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue><replaceable class="parameter">password</replaceable></returnvalue> + </term> + <listitem> + <para> + The WITH PASSWORD clause sets the user's password within + the "<filename>pg_shadow</filename>" table. For this reason, + <filename>"pg_shadow</filename>" is no + longer accessible to the instance of + <productname>Postgres</productname> that the + <productname>Postgres</productname> + user's password is initially set to NULL. + </para> + <para> + When a + user's password in the "<filename>pg_shadow</filename>" + table is NULL, user + authentication proceeds as it historically has (HBA, + PG_PASSWORD, etc). However, if a password is set for a + user, a new authentication system supplants any other + configured for the <productname>Postgres</productname> + instance, and the password + stored in the "<filename>pg_shadow</filename>" table is used + for authentication. + For more details on how this authentication system + functions see pg_crypt(3). If the WITH PASSWORD clause is + omitted, the user's password is set to the empty + string which equates to a NULL value in the authentication + system mentioned above. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue> CREATEDB/NOCREATEDB</returnvalue> + </term> + <listitem> + <para> + These clauses define a user's ability to create databases. + If CREATEDB is specified, the user being defined will + be allowed to create his own databases. Using NOCREATEDB + will deny a user the ability to create databases. If this + clause is omitted, NOCREATEDB is used by default. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue>CREATEUSER/NOCREATEUSER</returnvalue> + </term> + <listitem> + <para> + These clauses determine whether a user will be permitted to + create new + users in an instance of <productname>Postgres</productname>. + Omitting this clause will set the user's value of this + attribute to be NOCREATEUSER. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue><replaceable class="parameter">groupname</replaceable></returnvalue> + </term> + <listitem> + <para> + A name of a group into which to insert the user as a new member. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue><replaceable class="parameter">abstime</replaceable></returnvalue> + </term> + <listitem> + <para> + The VALID UNTIL clause sets an absolute time after which the + user's <productname>Postgres</productname> + login is no longer valid. Please note that + if a user does not have a password defined in the + "<filename>pg_shadow</filename>" + table, the valid until date will not be checked + during user authentication. If this clause is omitted, + a NULL value is stored in "<filename>pg_shadow</filename>" + for this attribute, + and the login will be valid for all time. + </para> + </listitem> + </varlistentry> </variablelist> </para> - </REFSECT2> + </refsect2> - <REFSECT2 ID="R2-SQL-CREATEUSER-2"> - <REFSECT2INFO> - <DATE>1998-09-21</DATE> - </REFSECT2INFO> - <TITLE> + <refsect2 id="R2-SQL-CREATEUSER-2"> + <refsect2info> + <date>1998-09-21</date> + </refsect2info> + <title> Outputs - </TITLE> - <PARA> - </PARA> - <VARIABLELIST> - <VARLISTENTRY> - <TERM> - <ReturnValue>CREATE USER</ReturnValue> - </TERM> - <LISTITEM> - <PARA> - Message returned if the command completes successfully. - </PARA> - </LISTITEM> - </VARLISTENTRY> - <VARLISTENTRY> - <TERM> - <ReturnValue>ERROR: removeUser: user "<replaceable class="parameter">username</replaceable>" does not exist</ReturnValue> - </TERM> - <LISTITEM> - <PARA> - if "<replaceable class="parameter">username</replaceable>" not found. - </PARA> - <comment>I don't understand this and I don't know how to get - this error message.</comment> - </listitem> - </varlistentry> - </VARIABLELIST> - </REFSECT2> - </REFSYNOPSISDIV> + </title> + + <para> + <variablelist> + <varlistentry> + <term> + <returnvalue>CREATE USER</returnvalue> + </term> + <listitem> + <para> + Message returned if the command completes successfully. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <returnvalue>ERROR: removeUser: user "<replaceable + class="parameter">username</replaceable>" does not exist</returnvalue> + </term> + <listitem> + <para> + if "<replaceable class="parameter">username</replaceable>" not found. + </para> + <comment>I don't understand this and I don't know how to get + this error message.</comment> + </listitem> + </varlistentry> + </variablelist> + </para> + </refsect2> + </refsynopsisdiv> - <REFSECT1 ID="R1-SQL-CREATEUSER-1"> - <REFSECT1INFO> - <DATE>1998-09-21</DATE> - </REFSECT1INFO> - <TITLE> + <refsect1 id="R1-SQL-CREATEUSER-1"> + <refsect1info> + <date>1998-09-21</date> + </refsect1info> + <title> Description - </TITLE> - <PARA> + </title> + <para> CREATE USER will add a new user to an instance of <productname>Postgres</productname>. - </PARA> - <PARA> + </para> + <para> The new user will be given a <filename>usesysid</filename> of: '<command>SELECT MAX(usesysid) + 1 FROM pg_shadow</command>'. This means that @@ -196,18 +209,18 @@ CREATE USER<REPLACEABLE CLASS="PARAMETER"> username</REPLACEABLE> for any given user, use the "createuser" script provided with the <productname>Postgres</productname> distribution. - </PARA> + </para> - <REFSECT2 ID="R2-SQL-CREATEUSER-3"> - <REFSECT2INFO> - <DATE>1998-09-21</DATE> - </REFSECT2INFO> - <TITLE> + <refsect2 id="R2-SQL-CREATEUSER-3"> + <refsect2info> + <date>1998-09-21</date> + </refsect2info> + <title> Notes - </TITLE> - <PARA> + </title> + <para> CREATE USER statement is a <productname>Postgres</productname> language extension. - </PARA> + </para> <para> Use DROP USER or ALTER USER statements to remove or modify a user account.</para> @@ -229,68 +242,67 @@ CREATE USER<REPLACEABLE CLASS="PARAMETER"> username</REPLACEABLE> | valuntil | abstime | 4 | +--------------------------+--------------------------+-------+ </programlisting> - </REFSECT2> + </refsect2> </refsect1> - <REFSECT1 ID="R1-SQL-CREATEUSER-2"> - <TITLE> + <refsect1 id="R1-SQL-CREATEUSER-2"> + <title> Usage - </TITLE> - <PARA> + </title> + <para> Create a user with no password: - </PARA> - <ProgramListing> + </para> + <programlisting> CREATE USER jonathan - </ProgramListing> - <PARA> + </programlisting> + <para> Create a user with a password: - </PARA> - <ProgramListing> + </para> + <programlisting> CREATE USER davide WITH PASSWORD jw8s0F4 - </ProgramListing> + </programlisting> <para> Create a user with a password, whose account is valid until the end of 2001. Note that after one second has ticked in 2002, the account is not valid: </para> - <ProgramListing> + <programlisting> CREATE USER miriam WITH PASSWORD jw8s0F4 VALID UNTIL 'Jan 1 2002' - </ProgramListing> + </programlisting> <para> Create an account where the user can create databases: </para> - <ProgramListing> + <programlisting> CREATE USER manuel WITH PASSWORD jw8s0F4 CREATEDB - </ProgramListing> + </programlisting> - </REFSECT1> + </refsect1> - <REFSECT1 ID="R1-SQL-CREATEUSER-3"> - <TITLE> + <refsect1 id="R1-SQL-CREATEUSER-3"> + <title> Compatibility - </TITLE> - <PARA> - </PARA> + </title> + <para> + </para> - <REFSECT2 ID="R2-SQL-CREATEUSER-4"> - <REFSECT2INFO> - <DATE>1998-09-21</DATE> - </REFSECT2INFO> - <TITLE> + <refsect2 id="R2-SQL-CREATEUSER-4"> + <refsect2info> + <date>1998-09-21</date> + </refsect2info> + <title> SQL92 - </TITLE> - <PARA> + </title> + <para> There is no CREATE USER statement in SQL92. - </PARA> + </para> </refsect2> </refsect1> -</REFENTRY> - +</refentry> <!-- Keep this comment at the end of the file Local variables: mode: sgml -sgml-omittag:t +sgml-omittag:nil sgml-shorttag:t sgml-minimize-attributes:nil sgml-always-quote-attributes:t |