Contents

pg_parameter_acl

A system table storing information about individual GUC privileges

pg_parameter_acl is a system catalogue table which stores information about configuration parameters for which privileges have been explicilty granted to one or more roles.

pg_parameter_acl was added in PostgreSQL 15.

Usage

From PostgreSQL 15, permissions on individual configuration parameters can be explicitly granted to individual database users, using the syntax GRANT SET ON PARAMETER or GRANT ALTER SYSTEM ON PARAMETER (and correspondingly removed with rEVOKE). These permissions are tracked via pg_parameter_acl.

Change history

Examples

Example usage for pg_parameter_acl:

postgres=> SET SESSION track_activities = off;
ERROR:  permission denied to set parameter "track_activities"

postgres=> \c - postgres
You are now connected to database "postgres" as user "postgres".

postgres=# SELECT * FROM pg_parameter_acl ;
 oid | parname | paracl
-----+---------+--------
(0 rows)

postgres=# GRANT SET ON PARAMETER track_activities TO foo;
GRANT

postgres=# SELECT * FROM pg_parameter_acl;
  oid  |     parname      |                paracl
-------+------------------+---------------------------------------
 16393 | track_activities | {postgres=sA/postgres,foo=s/postgres}
(1 row)

postgres=# \dconfig+ track_activities
                  List of configuration parameters
    Parameter     | Value | Type |  Context  |  Access privileges
------------------+-------+------+-----------+----------------------
 track_activities | on    | bool | superuser | postgres=sA/postgres+
                  |       |      |           | foo=s/postgres
(1 row)

postgres=# \c - foo
You are now connected to database "postgres" as user "foo".

postgres=> SET SESSION track_activities = off;
SET

Categories

Configuration, System catalogue

See also

GRANT, REVOKE,