45.56. pg_shadow

The view pg_shadow exists for backwards compatibility: it emulates a catalog that existed in PostgreSQL before version 8.1. It shows properties of all roles that are marked as rolcanlogin in pg_authid.

The name stems from the fact that this table should not be readable by the public since it contains passwords. pg_user is a publicly readable view on pg_shadow that blanks out the password field.

Table 45-57. pg_shadow Columns

NameTypeReferencesDescription
usenamenamepg_authid.rolnameUser name
usesysidoidpg_authid.oidID of this user
usecreatedbbool User can create databases
usesuperbool User is a superuser
usecatupdbool  User can update system catalogs. (Even a superuser cannot do this unless this column is true.)
passwdtext Password (possibly encrypted); null if none. See pg_authid for details of how encrypted passwords are stored.
valuntilabstime Password expiry time (only used for password authentication)
useconfigtext[] Session defaults for run-time configuration variables