Updated on 2022-07-29 GMT+08:00

PG_SHADOW

PG_SHADOW displays properties of all roles that are marked as rolcanlogin in PG_AUTHID.

The name stems from the fact that this table should not be readable by the public since it contains passwords. PG_USER is a publicly readable view on PG_SHADOW that blanks out the password column.

Table 1 PG_SHADOW columns

Name

Type

Reference

Description

usename

name

PG_AUTHID.rolname

User name

usesysid

oid

PG_AUTHID.oid

ID of a user

usecreatedb

boolean

-

Indicates that the user can create databases.

usesuper

boolean

-

Indicates that the user is an administrator.

usecatupd

boolean

-

Indicates that the user can update system catalogs. Even the system administrator cannot do this unless this column is true.

userepl

boolean

-

User can initiate streaming replication and put the system in and out of backup mode.

passwd

text

-

Password (possibly encrypted); null if none. See PG_AUTHID for details about how encrypted passwords are stored.

valbegin

timestamp with time zone

-

Account validity start time; null if no start time

valuntil

timestamp with time zone

-

Password expiry time; null if no expiration

respool

name

-

Resource pool used by the user

parent

oid

-

Parent resource pool

spacelimit

text

-

The storage space of the permanent table.

tempspacelimit

text

-

The storage space of the temporary table.

spillspacelimit

text

-

The operator disk flushing space.

useconfig

text[ ]

-

Session defaults for runtime configuration variables