
PostgreSQL drop role fails because of default privileges

I am trying to drop a role 'xyz' that was previously the owner of the schema with the same name 'xyz'. I altered the schema ownership as below, and reassigned ownership just in case (although all tables were created by a different user with superuser power). So I ran all these:

alter schema xyz owner to postgres;
reassign owned by xyz to postgres;
alter default privileges in schema seeds revoke all on tables from xyz cascade;
alter default privileges in schema seeds revoke all on sequences from xyz cascade;
alter default privileges in schema seeds revoke all on functions from xyz cascade;

And I am still getting the error:

drop role xyz;
ERROR:  role "xyz" cannot be dropped because some objects depend on it
DETAIL:  owner of default privileges on new relations belonging to role xyz in schema xyz

Also FYI:

postgres=# \du rsi
List of roles
Role name |   Attributes   | Member of   
-----------+----------------+-----------
rsi       | No inheritance | {}

What am I missing? Any help would be appreciated! Thanks!!

Ruxandra Palmtag asked Mar 23 '12 14:03


People also ask

What is default privileges in PostgreSQL?

As explained in Section 5.7, the default privileges for any object type normally grant all grantable permissions to the object owner, and may grant some privileges to PUBLIC as well. However, this behavior can be changed by altering the global default privileges with ALTER DEFAULT PRIVILEGES.

How do I find default privileges in PostgreSQL?

Using a SQL query:

SELECT nspname,       -- schema name
       defaclobjtype, -- object type
       defaclacl      -- default access privileges
FROM pg_default_acl a
JOIN pg_namespace b ON a.defaclnamespace = b.oid;

Where the value of defaclobjtype is r = relation (table, view), S = sequence, f = function.

Can't drop the role Cannot be dropped because some objects depend?

A role cannot be dropped or removed if it is still referenced in any database of the cluster. An error will occur if this is attempted. Before dropping the role, drop all the objects it owns (or reassign their ownership). Revoke any privileges the role has been granted on other objects.


2 Answers

Taken from the PostgreSQL documentation on ALTER DEFAULT PRIVILEGES, Notes section:

If you wish to drop a role for which the default privileges have been altered, it is necessary to reverse the changes in its default privileges or use DROP OWNED BY to get rid of the default privileges entry for the role.

Another worthy mention from the documentation regarding DROP OWNED BY in this case is also that

Because DROP OWNED only affects the objects in the current database, it is usually necessary to execute this command in each database that contains objects owned by a role that is to be removed.

Therefore, your mileage may vary, meaning that you may have to issue the statement in more DBs.

Having received the same messages as mentioned in the question, I've tried out the DROP OWNED BY statement and it worked. Hope this helps!

Dr1Ku answered Oct 17 '22 22:10


First run the command:

DROP OWNED BY xyz;

then:

DROP ROLE xyz;

Read PostgreSQL Documentation regarding Drop Owned By.

Shrinivas answered Oct 18 '22 00:10
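Added example, not taken from either answer: a per-database audit and cleanup for the role in the question, covering the DROP OWNED BY advice in both answers. It uses the role name xyz and the successor postgres from the question; run it in every database of the cluster before the final DROP ROLE.

```sql
-- Added example; xyz and postgres are the names used in the question.
-- pg_default_acl is per-database, so connect to each database in turn.

-- 1. Find default-privilege entries that still reference xyz, either as
--    the owner of the entry (defaclrole) or as a grantee inside the ACL.
--    The error in the question is about an entry OWNED by xyz in schema xyz.
--    ALTER DEFAULT PRIVILEGES without FOR ROLE acts on the current role's
--    entries, and the statements in the question name schema seeds, so
--    they never touched that entry.
SELECT r.rolname                            AS entry_owner,
       COALESCE(n.nspname, '(all schemas)') AS schema_name,
       CASE d.defaclobjtype
            WHEN 'r' THEN 'tables'
            WHEN 'S' THEN 'sequences'
            WHEN 'f' THEN 'functions'
            ELSE d.defaclobjtype::text
       END                                  AS object_type,
       d.defaclacl                          AS default_acl
FROM pg_default_acl d
JOIN pg_roles r          ON r.oid = d.defaclrole
LEFT JOIN pg_namespace n ON n.oid = d.defaclnamespace  -- 0 = not schema-specific
WHERE r.rolname = 'xyz'
   OR EXISTS (SELECT 1
              FROM aclexplode(d.defaclacl) a
              JOIN pg_roles g ON g.oid = a.grantee
              WHERE g.rolname = 'xyz');

-- 2. Keep the data: hand every object xyz still owns to postgres.
--    REASSIGN OWNED does not touch default privileges or grants.
REASSIGN OWNED BY xyz TO postgres;

-- 3. Remove what is left in this database: default-privilege entries
--    owned by xyz and privileges granted to xyz. Anything xyz still owned
--    would be dropped here, which is why step 2 runs first.
DROP OWNED BY xyz;

-- 4. Re-run the query from step 1; it should now return no rows.

-- 5. After steps 1-4 have been done in every database:
DROP ROLE xyz;
```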