diff --git a/doc/src/sgml/ref/alter_default_privileges.sgml b/doc/src/sgml/ref/alter_default_privileges.sgml
index 04064d399cb..45cd09df56f 100644
--- a/doc/src/sgml/ref/alter_default_privileges.sgml
+++ b/doc/src/sgml/ref/alter_default_privileges.sgml
@@ -89,9 +89,7 @@ REVOKE [ GRANT OPTION FOR ]
You can change default privileges only for objects that will be created by
yourself or by roles that you are a member of. The privileges can be set
globally (i.e., for all objects created in the current database),
- or just for objects created in specified schemas. Default privileges
- that are specified per-schema are added to whatever the global default
- privileges are for the particular object type.
+ or just for objects created in specified schemas.
@@ -103,6 +101,16 @@ REVOKE [ GRANT OPTION FOR ]
ALTER DEFAULT PRIVILEGES.
+
+ Default privileges that are specified per-schema are added to whatever
+ the global default privileges are for the particular object type.
+ This means you cannot revoke privileges per-schema if they are granted
+ globally (either by default, or according to a previous ALTER
+ DEFAULT PRIVILEGES command that did not specify a schema).
+ Per-schema REVOKE is only useful to reverse the
+ effects of a previous per-schema GRANT.
+
+
Parameters
@@ -193,11 +201,19 @@ ALTER DEFAULT PRIVILEGES IN SCHEMA myschema REVOKE INSERT ON TABLES FROM webuser
Remove the public EXECUTE permission that is normally granted on functions,
- for all functions subsequently created by role admin:
-
+ for all functions subsequently created by role admin:
ALTER DEFAULT PRIVILEGES FOR ROLE admin REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
-
+
+ Note however that you cannot accomplish that effect
+ with a command limited to a single schema. This command has no effect,
+ unless it is undoing a matching GRANT:
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
+
+ That's because per-schema default privileges can only add privileges to
+ the global setting, not remove privileges granted by it.
+