我想对PostgreSQL数据库进行数据库备份。 我是在现有数据库上完成此操作的:
sudo -u postgres psql oder psql -U postgres
CREATE USER backup;
ALTER USER backup WITH PASSWORD 'new_password';
GRANT CONNECT ON DATABASE confluence TO backup;
GRANT CONNECT ON DATABASE taiga TO backup;
GRANT USAGE ON SCHEMA public TO backup;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO backup;
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT ON TABLES TO backup;
如果我运行pg_dump -Fc confluence > dumpfile,我会得到
pg_dump: [archiver (db)] query failed: ERROR: permission denied for relation EVENTS
pg_dump: [archiver (db)] query was: LOCK TABLE public."EVENTS" IN ACCESS SHARE MODE
在Permission denied for relation中,我读到这会有所帮助:
GRANT ALL PRIVILEGES ON TABLE confluence TO backup;
我想知道这是否是将所有特权授予没有权限写数据库的备份用户的正确方法。我希望它是一个只读用户。 这是废话吗?
您建议我改为做什么?
答案 0 :(得分:0)
除了授予对数据库的 CONNECT 权限和对所有表(在公共模式中)的 SELECT 权限外,您还需要授予对所有序列(在公共模式中)的select公共模式)。
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO <user>
总结:
--Create user
CREATE USER backup;
ALTER USER backup WITH PASSWORD 'new_password';
--Grant read only privileges
GRANT CONNECT ON DATABASE <database> TO backup;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO backup;
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO backup; -- new!
--Automatically grant read only privileges on new tables
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT ON TABLES TO backup;