Overview

Oxla implements role-based access control (RBAC) features, including roles, privileges and ownership. These features function similarly to those found in other leading database systems, providing a familiar access control model for users and administrators.

Enabling Access Control

Access control is enabled by default on new Oxla installations. You can disable access control through the configuration file if needed. For detailed instructions on configuring access control, refer to the Oxla Configuration File documentation. The access control (AC) behavior is as follows:
  • If the access control flag is explicitly set in the configuration file, that setting is always followed
  • If the flag is not explicitly set in the configuration:
    • When Oxla Home is empty, AC will be enabled by default
    • When Oxla Home is non-empty, AC will be enabled only if it was previously enabled
For backward compatibility, old Oxla versions did not have access control (AC). If you use a new Oxla release with an Oxla Home created by these old versions, AC will be disabled by default. However, if the Oxla Home comes from an older where AC was likely enabled, then AC will be enabled by default. This behavior helps maintain security settings appropriate to the Oxla Home’s history.

Default Superuser

Oxla always includes a default superuser account named oxla with the initial password oxla.
  • During the first startup, you can set a custom password for the default superuser using the access_control.initial_password parameter in the configuration file
  • After setting the password, you can remove this parameter from the configuration
  • You can also change the password later using the ALTER ROLE query
For security reasons, it is highly recommended to change the default superuser password immediately after installation.

System Catalogs Visibility

Users can view rows in system catalog tables only if those rows correspond to objects or reside in schemas to which the user has access. For example, in the information_schema.tables table, a user can see all tables for which they have any grants, as well as all tables in schemas where they have the USAGE privilege.

Restrictions

  • Only superusers have the SELECT privilege on internal system tables
  • Privileges on internal system tables cannot be granted or revoked
  • Only superusers and database owners can create new schemas
  • Only superusers can create new roles
  • Every role is granted the CONNECT privilege to the default database at creation (this privilege can be revoked)
  • Every role is granted the USAGE privilege on the default public schema at creation (this privilege can be revoked)
  • Oxla does not support role membership, so privilege inheritance is not available
Once access control is enabled and Oxla Home is not empty, you cannot disable access control. If you attempt to run Oxla with the access control flag in OXLA_HOME set to OFF after it was previously enabled, Oxla will enter a degraded state.