Official file: https://opengauss.org/zh/docs/1.0.1/docs/Developerguide/%E7%AE%A1%E7%90%86%E5%91%98.html
Description of openguass version 1.0.1 about administrators
administrator
initial user
The account automatically generated during openGauss installation is called the initial user. The initial users are also system administrators, monitoring administrators, operation and maintenance administrators, and security policy administrators. They have the highest authority of the system and can perform all operations. This account has the same name as the operating system user for openGauss installation, and a password needs to be set manually during installation. After logging in to the database for the first time, please change the password of the initial user in time.
The initial user bypasses all permission checks. It is recommended that this initial user be used for DBA administration purposes only, not for business applications.
System administrator
A system administrator is an account with the SYSADMIN attribute, which by default has the same privileges as the object owner, excluding the object privileges of the dbe_perf schema.
To create a new system administrator, connect to the database as the initial user or the system administrator user and set it up using the CREATE USER statement or the ALTER USER statement with the SYSADMIN option.
copy code
CREATE USER sysadmin WITH SYSADMIN password "Bigdata@123";
or
copy code
ALTER USER joe SYSADMIN;
ALTER USER requires that the user already exists.
Description of openguass version 2.0.0 about administrators
Official file: https://opengauss.org/zh/docs/2.0.0/docs/Developerguide/%E7%AE%A1%E7%90%86%E5%91%98.html
administrator
initial user
The account that is automatically generated during database installation is called the initial user. The initial user has the highest authority on the system and can perform all operations. If the initial user name is not specified during installation, the account has the same name as the operating system user that performed the database installation. If you do not specify the password of the initial user during installation, the password will be empty after the installation is complete. Before performing other operations, you need to modify the password of the initial user through the gsql client. If the initial user password is empty, other SQL operations, upgrade, capacity expansion, node replacement and other operations cannot be performed except password modification.
The initial user bypasses all permission checks. It is recommended that this initial user be used for DBA administration purposes only, not for business applications.
System administrator
A system administrator is an account with the SYSADMIN attribute, which by default has the same privileges as the object owner, excluding the object privileges of the dbe_perf schema.
To create a new system administrator, connect to the database as the initial user or the system administrator user and set it up using the CREATE USER statement or the ALTER USER statement with the SYSADMIN option.
copy code
postgres=# CREATE USER sysadmin WITH SYSADMIN password "xxxxxxxxx";
or
copy code
postgres=# ALTER USER joe SYSADMIN;
ALTER USER requires that the user already exists.
monitor administrator
A monitoring administrator refers to an account with the MONADMIN attribute, which has the right to view views and functions in dbe_perf mode, and can also grant or revoke object rights in dbe_perf mode.
To create a new monitoring administrator, connect to the database as a system administrator and set it up using the CREATE USER statement or the ALTER USER statement with the MONADMIN option .
copy code
postgres=# CREATE USER monadmin WITH MONADMIN password "xxxxxxxxx";
or
copy code
postgres=# ALTER USER joe MONADMIN;
ALTER USER requires that the user already exists.
Operation and maintenance administrator
The operation and maintenance administrator refers to an account with the attribute OPRADMIN and has the right to perform backup and recovery using the Roach tool.
To create a new operations administrator, connect to the database as the initial user and set it up using the CREATE USER statement or ALTER USER statement with the OPRADMIN option .
copy code
postgres=# CREATE USER opradmin WITH OPRADMIN password "xxxxxxxxx";
or
copy code
postgres=# ALTER USER joe OPRADMIN;
ALTER USER requires that the user already exists.
security policy administrator
A security policy administrator refers to an account with the POLADMIN attribute, which has the authority to create resource tags, desensitization policies, and unified audit policies.
To create a new security policy administrator, connect to the database as the system administrator user and set it using the CREATE USER statement or the ALTER USER statement with the POLADMIN option .
copy code
postgres=# CREATE USER poladmin WITH POLADMIN password "xxxxxxxxx";
or
copy code
postgres=# ALTER USER joe POLADMIN;
ALTER USER requires that the user already exists.
Top comments (0)