<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>pg_authid</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 8.2.14 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="System Catalogs"
HREF="catalogs.html"><LINK
REL="PREVIOUS"
TITLE="pg_attribute"
HREF="catalog-pg-attribute.html"><LINK
REL="NEXT"
TITLE="pg_auth_members"
HREF="catalog-pg-auth-members.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2009-09-04T05:25:47"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
>PostgreSQL 8.2.14 Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="catalog-pg-attribute.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="catalogs.html"
>Fast Backward</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Chapter 43. System Catalogs</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="top"
><A
HREF="catalogs.html"
>Fast Forward</A
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="top"
><A
HREF="catalog-pg-auth-members.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="CATALOG-PG-AUTHID"
>43.8. <TT
CLASS="STRUCTNAME"
>pg_authid</TT
></A
></H1
><A
NAME="AEN62525"
></A
><P
> The catalog <TT
CLASS="STRUCTNAME"
>pg_authid</TT
> contains information about
database authorization identifiers (roles). A role subsumes the concepts
of <SPAN
CLASS="QUOTE"
>"users"</SPAN
> and <SPAN
CLASS="QUOTE"
>"groups"</SPAN
>. A user is essentially just a
role with the <TT
CLASS="STRUCTFIELD"
>rolcanlogin</TT
> flag set. Any role (with or
without <TT
CLASS="STRUCTFIELD"
>rolcanlogin</TT
>) may have other roles as members; see
<A
HREF="catalog-pg-auth-members.html"
><TT
CLASS="STRUCTNAME"
>pg_auth_members</TT
></A
>.
</P
><P
> Since this catalog contains passwords, it must not be publicly readable.
<A
HREF="view-pg-roles.html"
><TT
CLASS="STRUCTNAME"
>pg_roles</TT
></A
>
is a publicly readable view on
<TT
CLASS="STRUCTNAME"
>pg_authid</TT
> that blanks out the password field.
</P
><P
> <A
HREF="user-manag.html"
>Chapter 18</A
> contains detailed information about user and
privilege management.
</P
><P
> Because user identities are cluster-wide,
<TT
CLASS="STRUCTNAME"
>pg_authid</TT
>
is shared across all databases of a cluster: there is only one
copy of <TT
CLASS="STRUCTNAME"
>pg_authid</TT
> per cluster, not
one per database.
</P
><DIV
CLASS="TABLE"
><A
NAME="AEN62544"
></A
><P
><B
>Table 43-8. <TT
CLASS="STRUCTNAME"
>pg_authid</TT
> Columns</B
></P
><TABLE
BORDER="1"
CLASS="CALSTABLE"
><COL><COL><COL><COL><THEAD
><TR
><TH
>Name</TH
><TH
>Type</TH
><TH
>Description</TH
><TD
> </TD
></TR
></THEAD
><TBODY
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolname</TT
></TD
><TD
><TT
CLASS="TYPE"
>name</TT
></TD
><TD
>Role name</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolsuper</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
>Role has superuser privileges</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolinherit</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
>Role automatically inherits privileges of roles it is a
member of</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolcreaterole</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
>Role may create more roles</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolcreatedb</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
>Role may create databases</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolcatupdate</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
> Role may update system catalogs directly. (Even a superuser may not do
this unless this column is true)
</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolcanlogin</TT
></TD
><TD
><TT
CLASS="TYPE"
>bool</TT
></TD
><TD
> Role may log in. That is, this role can be given as the initial
session authorization identifier
</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolconnlimit</TT
></TD
><TD
><TT
CLASS="TYPE"
>int4</TT
></TD
><TD
> For roles that can log in, this sets maximum number of concurrent
connections this role can make. -1 means no limit
</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolpassword</TT
></TD
><TD
><TT
CLASS="TYPE"
>text</TT
></TD
><TD
>Password (possibly encrypted); NULL if none</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolvaliduntil</TT
></TD
><TD
><TT
CLASS="TYPE"
>timestamptz</TT
></TD
><TD
>Password expiry time (only used for password authentication);
NULL if no expiration</TD
><TD
> </TD
></TR
><TR
><TD
><TT
CLASS="STRUCTFIELD"
>rolconfig</TT
></TD
><TD
><TT
CLASS="TYPE"
>text[]</TT
></TD
><TD
>Session defaults for run-time configuration variables</TD
><TD
> </TD
></TR
></TBODY
></TABLE
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="catalog-pg-attribute.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="catalog-pg-auth-members.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><TT
CLASS="STRUCTNAME"
>pg_attribute</TT
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="catalogs.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><TT
CLASS="STRUCTNAME"
>pg_auth_members</TT
></TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
distrib
>
Mandriva
>
2010.0
>
i586
>
media
>
contrib-release
>
by-pkgid
>
a866202fe868538f89a755dbcabc378b
>
files
>
50
