Open search page
Hello, I’m DocuDroid!
Open Ask AI page
Submitting feedback
Thank you for rating our AI Search!
We would be grateful if you could share your thoughts so we can improve our AI Search for you and other readers.
GitHub

createuser

Creates a new role.

Synopsis

createuser [ <connection-option> ... ]
           [ <role_attribute> ... ]
           [ -e ]
           <role_name>

createuser -? | --help

createuser -V | --version

Description

createuser creates a new Greengage DB role. You must be a superuser or have the CREATEROLE privilege to create new roles. You must connect to the database as a superuser to create new superusers.

Superusers can bypass all access permission checks within the database, so superuser privileges should not be granted lightly.

createuser is a wrapper around the SQL command CREATE ROLE.

Options

<role_name>

The name of the role to be created. This name must be different from all existing roles in this Greengage DB installation.

-c <number> | --connection-limit=<number>

Set a maximum number of connections for the new role. The default is to set no limit.

-d | --createdb

The new role will be allowed to create databases.

-D | --no-createdb

The new role will not be allowed to create databases. This is the default.

-e | --echo

Echo the commands that createuser generates and sends to the server.

-E | --encrypted

Encrypt the role’s password stored in the database. If not specified, the default password behavior is used.

-g <role> | --role=<role>

Make the new role a member of the specified role. This option can be specified multiple times to add the new role to multiple roles.

-i | --inherit

The new role will automatically inherit privileges of roles it is a member of. This is the default.

-I | --no-inherit

The new role will not automatically inherit privileges of roles it is a member of.

--interactive

Prompt for the user name if none is specified on the command line, and also prompt for whichever of the options -d/-D, -r/-R, -s/-S is not specified on the command line.

-l | --login

The new role will be allowed to log in. This is the default.

-L | --no-login

The new role will not be allowed to log in (a group-level role).

-N | --unencrypted

Do not encrypt the role’s password stored in the database. If not specified, the default password behavior is used.

-P | --pwprompt

If given, createuser will issue a prompt for the password of the new role. This is not necessary if you do not plan on using password authentication.

-r | --createrole

The new role will be allowed to create new roles (CREATEROLE privilege).

-R | --no-createrole

The new role will not be allowed to create new roles. This is the default.

-s | --superuser

The new role will be a superuser.

-S | --no-superuser

The new role will not be a superuser. This is the default.

-V | --version

Print the createuser version and exit.

--replication

The new role will have the REPLICATION privilege.

--no-replication

The new role will not have the REPLICATION privilege. This is the default.

-? | --help

Show help about createuser command line arguments, and exit.

Connection options

-h <host> | --host=<host>

The host name of the machine on which the Greengage DB master is running. If not specified, reads from the PGHOST environment variable or defaults to localhost.

-p <port> | --port=<port>

The TCP port on which the Greengage DB master is listening for connections. If not specified, reads from the PGPORT environment variable or defaults to 5432.

-U <username> | --username=<username>

The database role name to connect as. If not specified, reads from the PGUSER environment variable or defaults to the current system role name.

-w | --no-password

Never issue a password prompt. If the server requires password authentication and a password is not available by other means such as a .pgpass file, the connection attempt will fail. This option can be useful in batch jobs and scripts where no user is present to enter a password.

-W | --password

Force a password prompt.

Examples

  • Create the joe role on the default database server:

    $ createuser joe

  • Create the joe role on the default database server:

    $ createuser --interactive joe

    Answer the interactive prompts:

    Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n

  • Create the same joe role using connection options, with attributes explicitly specified, and taking a look at the underlying command:

    $ createuser -h mdw -p 54321 -S -D -R -e joe

    The result:

    CREATE ROLE joe NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT
LOGIN;
CREATE ROLE

  • Create the joe role as a superuser:

    $ createuser -P -s -e joe

    Assign the password admin123 immediately:

    Enter password for new role: admin123
Enter it again: admin123

    The result:

    CREATE ROLE joe PASSWORD 'admin123' SUPERUSER CREATEDB
CREATEROLE INHERIT LOGIN;
CREATE ROLE

    In the above example, the new password is not actually echoed when typed, but the input is shown for clarity. However the password will appear in the echoed command, as illustrated if the -e option is used.

See also

Previous
createdb
Next
dropdb