From 7f550f0d834c97c6026ecbecd33463168c6397a6 Mon Sep 17 00:00:00 2001 From: "Karl O. Pinc" Date: Sun, 17 Sep 2023 08:33:11 -0500 Subject: [PATCH] Improve cluster creation docs after review with Stevan --- make_files/make_db.mk | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/make_files/make_db.mk b/make_files/make_db.mk index 3475eb7..37a5031 100644 --- a/make_files/make_db.mk +++ b/make_files/make_db.mk @@ -528,22 +528,24 @@ $(DB_TARGETS) db/creategroups.sql: %.sql: %.m4 $(DB_DEPENDS) ## ## 3) Drop the "public" schema. If you are using PG v15 or later use ## the "drop-public" target. If you have an administrative user -## that has true Postgres superuser privileges that can be used -## with the "drop-public" target. Otherwise use the -## "drop-public-root" target while logged in to Unix as the root -## user. +## it can be used with the "drop-public" target. Otherwise use +## the "drop-public-root" target while logged in to Unix as the +## root user. ## ## The "init-database" target creates a database owned by the admin group. ## -## After cluster initialization create at least one login for an individual -## using the administrative user. Give the logins elevated priviliges with -## the INHERIT, CREATEUSER, and CREATEDB attributes and by putting them -## into the admin group. It is easiest to do all of this using the SokweDB -## user administration tools. -## -## When this is done the administrative user is no longer needed and should -## be deleted. Per-person roles, the individual login(s) created above, -## have all available permissions. +## After cluster initialization create at least one login for an +## individual using the administrative user. Give the logins +## elevated priviliges with the INHERIT, CREATEUSER, and CREATEDB +## attributes, and all available Postgres "pre-defined roles" +## (https://www.postgresql.org/docs/current/predefined-roles.html), +## and by putting them into the admin group. It is easiest to do all +## of this using the SokweDB user administration tools. +## +## When this is done the administrative user is no longer needed and +## should be deleted, unless it is the only role available having the +## PG SUPERUSER attribute. Per-person roles, the individual login(s) +## created above, have all available permissions. ## ## Additional databases may be created using individual logins. Creating ## them with "make" will properly initialize them for use with SokweDB. -- 2.34.1