Dear Tom, > > UPDATE pg_catalog.pg_namespace > > SET nspowner=datdba, nspacl=NULL -- NULL means default rights... > > The later is simple and makes sense anyway for a newly created database. > > No, I don't think it does. The DBA presently can set up a site-wide > policy about use of "public" by altering its permissions in template1. > For example, he might revoke create access from most users. People will > be surprised if that fails to carry over to created databases.
Ok, I understand that. So that would mean switching all grantors to the owner in the aclitem array? Maybe some function would be useful for that, so as to stick to SQL: UPDATE pg_namespace SET nspowner = datdba, nspacl = aclitems_switch_grantor(nspacl, datdba) FROM ... WHERE ...; but I'm not sure adding such an horrible "user" function in pg_proc would be welcome, as aclitem accessors were removed two days ago. The alternative is to do it in C within the backend, but I would have liked the plain SQL better. Just a mater of taste, I guess. Pg backend philosophy: why writing SQL if you can do it in C? ;-) I'll have a look at it if I have time, maybe over the week-end. Thanks for your insight. -- Fabien Coelho. ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly