NAME
CREATE USER - 创建一个新的数据库用户帐户
SYNOPSIS
CREATE USER name [ [ WITH ] option [ ... ] ] where option can be: SYSID uid | [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'password' | CREATEDB | NOCREATEDB | CREATEUSER | NOCREATEUSER | IN GROUP groupname [, ...] | VALID UNTIL 'abstime'
DESCRIPTION 描述
CREATE USER 向一个 PostgreSQL 数据库集群增加一个新用户。 参考 Chapter 17 ``Database Users and Privileges'' 和 Chapter 19 ``Client Authentication'' 获取关于管理用户和认证的信息。 要执行这条命令,你必须是一个数据库超级用户。
PARAMETERS 参数
- name
用户名- uid
- SYSID 子句可以用于选择正在被创建的用户的 PostgreSQL 用户标识。 通常这是不必要的,但是如果你想恢复一个孤儿对象的所有者,也许这个很有用。
如果没有声明这个,缺省使用已分配的***用户标识加一(最小是 100)。 - password
设置用户的口令,如果你不准备使用口令认证, 那么你可以省略这个选项,但如果你想切换到一个口令认证的服务器,那么该用户将不能联接。 此口令可以稍后再次设置或者修改,使用 ALTER USER [alter_user(7)]。- ENCRYPTED
- UNENCRYPTED
- 控制口令在数据库中是否以加密形式存储在系统表中。 (如果两个都没有设置,那么缺省的特性是由配置参数 password_encryption 决定的。) 如果提供的字串已经是 MD5 加密的格式,那么就照原样存储, 不管声明的是 ENCRYPTED 还是 UNENCRYPTED。 这样就允许在转储/恢复的过程中重载加密后的口令。
请注意老的客户端可能缺少 MD5 认证机制,我们需要这个认证机制处理存储为密文的口令。 - CREATEDB
- NOCREATEDB
- 这个子句定义用户的创建数据库权限。 如果声明了CREATEDB, 被定义的用户将允许创建其自己的数据库。 而使用NOCREATEDB将否决该用户的创建数据库的能力。 如果忽略本子句,缺省是NOCREATEDB。
- CREATEUSER
- NOCREATEUSER
该子句决定一个用户是否能创建一个新的用户。 这个选项同样把此用户变成数据库超级用户,可以跨越所有访问限制。省略这个参数将置用户的这个属性为 NOCREATEUSER。- groupname
一个组名称,把这个用户设为该组成员。 你可以列出多个组名字。- abstime
- VALID UNTIL (有效期)子句设置一个绝对时间, 过了该时间后用户的口令将不再有效。 如果省略这个子句,登陆将总是有效的。
NOTES 注意
使用 ALTER USER [alter_user(7)] 修改用户的口令和权限,DROP USER [drop_user(7)] 删除一个用户。 使用 ALTER GROUP [alter_group(l)] 从组中增加或删除用户。
PostgreSQL 里有一个程序 createuser [createuser(1)] 与CREATE USER 有相同的功能(实际上,它调用这条命令), 但是可以在命令行上运行。
EXAMPLES 例子
创建一个没有口令的用户:
CREATE USER jonathan;
创建一个有口令的用户:
CREATE USER davide WITH PASSWORD 'jw8s0F4';
创建一个有口令的用户,其帐号在 2004 年底失效。 注意当 2005 年走过一秒后,该帐号将不再有效:
CREATE USER miriam WITH PASSWORD 'jw8s0F4' VALID UNTIL '2005-01-01';
创建一个拥有创建数据库权限的用户:
CREATE USER manuel WITH PASSWORD 'jw8s0F4' CREATEDB;
COMPATIBILITY 兼容性
CREATE USER 语句是 PostgreSQL 扩展。 SQL 标准把用户的定义交给具体实现处理。
SEE ALSO 参见
ALTER USER [alter_user(7)], DROP USER [drop_user(l)], createuser(1)
#p#
NAME
CREATE USER - define a new database user account
SYNOPSIS
CREATE USER name [ [ WITH ] option [ ... ] ] where option can be: SYSID uid | [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'password' | CREATEDB | NOCREATEDB | CREATEUSER | NOCREATEUSER | IN GROUP groupname [, ...] | VALID UNTIL 'abstime'
DESCRIPTION
CREATE USER adds a new user to a PostgreSQL database cluster. Refer to the chapters called ``Database Users and Privileges'' and ``Client Authentication'' in the documentation for information about managing users and authentication. You must be a database superuser to use this command.
PARAMETERS
- name
- The name of the user.
- uid
- The SYSID clause can be used to choose the PostgreSQL user ID of the user that is being created. This is not normally not necessary, but may be useful if you need to recreate the owner of an orphaned object.
If this is not specified, the highest assigned user ID plus one (with a minimum of 100) will be used as default.
- password
- Sets the user's password. If you do not plan to use password authentication you can omit this option, but then the user won't be able to connect if you decide to switch to password authentication. The password can be set or changed later, using ALTER USER [alter_user(7)].
- ENCRYPTED
- UNENCRYPTED
- These key words control whether the password is stored encrypted in the system catalogs. (If neither is specified, the default behavior is determined by the configuration parameter PASSWORD_ENCRYPTION.) If the presented password string is already in MD5-encrypted format, then it is stored encrypted as-is, regardless of whether ENCRYPTED or UNENCRYPTED is specified (since the system cannot decrypt the specified encrypted password string). This allows reloading of encrypted passwords during dump/restore.
Note that older clients may lack support for the MD5 authentication mechanism that is needed to work with passwords that are stored encrypted.
- CREATEDB
- NOCREATEDB
- These clauses define a user's ability to create databases. If CREATEDB is specified, the user being defined will be allowed to create his own databases. Using NOCREATEDB will deny a user the ability to create databases. If this clause is omitted, NOCREATEDB is used by default.
- CREATEUSER
- NOCREATEUSER
- These clauses determine whether a user will be permitted to create new users himself. This option will also make the user a superuser who can override all access restrictions. Omitting this clause will set the user's value of this attribute to be NOCREATEUSER.
- groupname
- A name of a group into which to insert the user as a new member. Multiple group names may be listed.
- abstime
- The VALID UNTIL clause sets an absolute time after which the user's password is no longer valid. If this clause is omitted the login will be valid for all time.
NOTES
Use ALTER USER [alter_user(7)] to change the attributes of a user, and DROP USER [drop_user(7)] to remove a user. Use ALTER GROUP [alter_group(l)] to add the user to groups or remove the user from groups.
PostgreSQL includes a program createuser [createuser(1)] that has the same functionality as CREATE USER (in fact, it calls this command) but can be run from the command shell.
EXAMPLES
Create a user with no password:
CREATE USER jonathan;
Create a user with a password:
CREATE USER davide WITH PASSWORD 'jw8s0F4';
Create a user with a password that is valid until the end of 2004. After one second has ticked in 2005, the password is no longer valid.
CREATE USER miriam WITH PASSWORD 'jw8s0F4' VALID UNTIL '2005-01-01';
Create an account where the user can create databases:
CREATE USER manuel WITH PASSWORD 'jw8s0F4' CREATEDB;
COMPATIBILITY
The CREATE USER statement is a PostgreSQL extension. The SQL standard leaves the definition of users to the implementation.
SEE ALSO
ALTER USER [alter_user(7)], DROP USER [drop_user(l)], createuser(1)