aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--INSTALL11
-rw-r--r--INSTALL-DEV11
-rwxr-xr-xetc/private/install/brep-install9
3 files changed, 31 insertions, 0 deletions
diff --git a/INSTALL b/INSTALL
index ebcf851..79d698f 100644
--- a/INSTALL
+++ b/INSTALL
@@ -171,6 +171,17 @@ CREATE USER MAPPING FOR PUBLIC
SERVER package_server
OPTIONS (user 'brep-build', password '-');
+Note that starting with PostgreSQL 15 only the database owner can create the
+objects in the public schema by default. Thus, if the PostgreSQL version is 15
+or above, then all the privileges on this schema in the created databases need
+to be granted explicitly by the postgres user to the brep user:
+
+\c brep_package
+GRANT ALL PRIVILEGES ON SCHEMA public TO brep;
+
+\c brep_build
+GRANT ALL PRIVILEGES ON SCHEMA public TO brep;
+
Exit psql (^D)
The user brep-build is required (by the postgres_fdw extension) to login with
diff --git a/INSTALL-DEV b/INSTALL-DEV
index ee9f980..8ebc5a3 100644
--- a/INSTALL-DEV
+++ b/INSTALL-DEV
@@ -55,6 +55,17 @@ CREATE USER "www-data" INHERIT IN ROLE <user>;
CREATE USER "brep-build" INHERIT IN ROLE <user> PASSWORD '-';
+Note that starting with PostgreSQL 15 only the database owner can create the
+objects in the public schema by default. Thus, if the PostgreSQL version is 15
+or above, then all the privileges on this schema in the created databases need
+to be granted explicitly by the postgres user to <user>:
+
+\c brep_package
+GRANT ALL PRIVILEGES ON SCHEMA public TO <user>;
+
+\c brep_build
+GRANT ALL PRIVILEGES ON SCHEMA public TO <user>;
+
Exit psql (^D), then make sure the logins work:
$ psql -d brep_package
diff --git a/etc/private/install/brep-install b/etc/private/install/brep-install
index 29c3310..37179c2 100755
--- a/etc/private/install/brep-install
+++ b/etc/private/install/brep-install
@@ -271,6 +271,12 @@ GRANT ALL PRIVILEGES ON DATABASE brep_package, brep_build TO brep;
CREATE USER "www-data" INHERIT IN ROLE brep;
CREATE USER "brep-build" INHERIT IN ROLE brep PASSWORD '-';
+
+\c brep_package
+GRANT ALL PRIVILEGES ON SCHEMA public TO brep;
+
+\c brep_build
+GRANT ALL PRIVILEGES ON SCHEMA public TO brep;
EOF
# Create the "staging" package database for the submit-pub package submission
@@ -284,6 +290,9 @@ LC_COLLATE 'en_US.UTF8'
LC_CTYPE 'en_US.UTF8';
GRANT ALL PRIVILEGES ON DATABASE brep_submit_package TO brep;
+
+\c brep_submit_package
+GRANT ALL PRIVILEGES ON SCHEMA public TO brep;
EOF
# Make sure the 'brep' and Apache2 user's logins work properly.