acl – PGEXT.CLOUD

Extensions

acl

pg_acl : ACL Data type

Overview

ID	Extension	Package	Version	Category	License	Language
3860	acl	pg_acl	`1.0.4`	TYPE	BSD 2-Clause	C

Attribute	Has Binary	Has Library	Need Load	Has DDL	Relocatable	Trusted
--s-d-r	No	Yes	No	Yes	yes	no

Relationships
See Also	prefix semver unit pgpdf pglite_fusion md5hash asn1oid roaringbitmap

+cast pg_uuid_t

Packages

Type	Repo	Version	PG Major Compatibility	Package Pattern	Dependencies
EXT	PIGSTY	`1.0.4`	18 17 16 15 14	`pg_acl`	-
RPM	PIGSTY	`1.0.4`	18 17 16 15 14	`acl_$v`	-
DEB	PIGSTY	`1.0.4`	18 17 16 15 14	`postgresql-$v-acl`	-

Linux / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
el8.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
el9.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
el9.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
el10.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
el10.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
d12.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
d12.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
d13.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
d13.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
u22.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
u22.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
u24.x86_64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4
u24.aarch64	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4	PIGSTY 1.0.4

Package	Version	OS	ORG	SIZE	File URL
`acl_18`	`1.0.4`	el8.x86_64	pigsty	28.4 KiB	acl_18-1.0.4-1PIGSTY.el8.x86_64.rpm
`acl_18`	`1.0.4`	el8.aarch64	pigsty	27.7 KiB	acl_18-1.0.4-1PIGSTY.el8.aarch64.rpm
`acl_18`	`1.0.4`	el9.x86_64	pigsty	27.5 KiB	acl_18-1.0.4-1PIGSTY.el9.x86_64.rpm
`acl_18`	`1.0.4`	el9.aarch64	pigsty	27.1 KiB	acl_18-1.0.4-1PIGSTY.el9.aarch64.rpm
`acl_18`	`1.0.4`	el10.x86_64	pigsty	27.9 KiB	acl_18-1.0.4-1PIGSTY.el10.x86_64.rpm
`acl_18`	`1.0.4`	el10.aarch64	pigsty	27.2 KiB	acl_18-1.0.4-1PIGSTY.el10.aarch64.rpm
`postgresql-18-acl`	`1.0.4`	d12.x86_64	pigsty	45.0 KiB	postgresql-18-acl_1.0.4-1PIGSTY~bookworm_amd64.deb
`postgresql-18-acl`	`1.0.4`	d12.aarch64	pigsty	44.6 KiB	postgresql-18-acl_1.0.4-1PIGSTY~bookworm_arm64.deb
`postgresql-18-acl`	`1.0.4`	d13.x86_64	pigsty	45.2 KiB	postgresql-18-acl_1.0.4-1PIGSTY~trixie_amd64.deb
`postgresql-18-acl`	`1.0.4`	d13.aarch64	pigsty	44.9 KiB	postgresql-18-acl_1.0.4-1PIGSTY~trixie_arm64.deb
`postgresql-18-acl`	`1.0.4`	u22.x86_64	pigsty	47.5 KiB	postgresql-18-acl_1.0.4-1PIGSTY~jammy_amd64.deb
`postgresql-18-acl`	`1.0.4`	u22.aarch64	pigsty	47.5 KiB	postgresql-18-acl_1.0.4-1PIGSTY~jammy_arm64.deb
`postgresql-18-acl`	`1.0.4`	u24.x86_64	pigsty	47.2 KiB	postgresql-18-acl_1.0.4-1PIGSTY~noble_amd64.deb
`postgresql-18-acl`	`1.0.4`	u24.aarch64	pigsty	46.6 KiB	postgresql-18-acl_1.0.4-1PIGSTY~noble_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`acl_17`	`1.0.4`	el8.x86_64	pigsty	28.4 KiB	acl_17-1.0.4-1PIGSTY.el8.x86_64.rpm
`acl_17`	`1.0.4`	el8.aarch64	pigsty	27.7 KiB	acl_17-1.0.4-1PIGSTY.el8.aarch64.rpm
`acl_17`	`1.0.4`	el9.x86_64	pigsty	27.4 KiB	acl_17-1.0.4-1PIGSTY.el9.x86_64.rpm
`acl_17`	`1.0.4`	el9.aarch64	pigsty	27.1 KiB	acl_17-1.0.4-1PIGSTY.el9.aarch64.rpm
`acl_17`	`1.0.4`	el10.x86_64	pigsty	27.9 KiB	acl_17-1.0.4-1PIGSTY.el10.x86_64.rpm
`acl_17`	`1.0.4`	el10.aarch64	pigsty	27.2 KiB	acl_17-1.0.4-1PIGSTY.el10.aarch64.rpm
`postgresql-17-acl`	`1.0.4`	d12.x86_64	pigsty	45.0 KiB	postgresql-17-acl_1.0.4-1PIGSTY~bookworm_amd64.deb
`postgresql-17-acl`	`1.0.4`	d12.aarch64	pigsty	44.6 KiB	postgresql-17-acl_1.0.4-1PIGSTY~bookworm_arm64.deb
`postgresql-17-acl`	`1.0.4`	d13.x86_64	pigsty	45.2 KiB	postgresql-17-acl_1.0.4-1PIGSTY~trixie_amd64.deb
`postgresql-17-acl`	`1.0.4`	d13.aarch64	pigsty	44.7 KiB	postgresql-17-acl_1.0.4-1PIGSTY~trixie_arm64.deb
`postgresql-17-acl`	`1.0.4`	u22.x86_64	pigsty	50.1 KiB	postgresql-17-acl_1.0.4-1PIGSTY~jammy_amd64.deb
`postgresql-17-acl`	`1.0.4`	u22.aarch64	pigsty	50.0 KiB	postgresql-17-acl_1.0.4-1PIGSTY~jammy_arm64.deb
`postgresql-17-acl`	`1.0.4`	u24.x86_64	pigsty	47.2 KiB	postgresql-17-acl_1.0.4-1PIGSTY~noble_amd64.deb
`postgresql-17-acl`	`1.0.4`	u24.aarch64	pigsty	46.6 KiB	postgresql-17-acl_1.0.4-1PIGSTY~noble_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`acl_16`	`1.0.4`	el8.x86_64	pigsty	28.4 KiB	acl_16-1.0.4-1PIGSTY.el8.x86_64.rpm
`acl_16`	`1.0.4`	el8.aarch64	pigsty	27.7 KiB	acl_16-1.0.4-1PIGSTY.el8.aarch64.rpm
`acl_16`	`1.0.4`	el9.x86_64	pigsty	27.5 KiB	acl_16-1.0.4-1PIGSTY.el9.x86_64.rpm
`acl_16`	`1.0.4`	el9.aarch64	pigsty	27.1 KiB	acl_16-1.0.4-1PIGSTY.el9.aarch64.rpm
`acl_16`	`1.0.4`	el10.x86_64	pigsty	27.9 KiB	acl_16-1.0.4-1PIGSTY.el10.x86_64.rpm
`acl_16`	`1.0.4`	el10.aarch64	pigsty	27.2 KiB	acl_16-1.0.4-1PIGSTY.el10.aarch64.rpm
`postgresql-16-acl`	`1.0.4`	d12.x86_64	pigsty	45.0 KiB	postgresql-16-acl_1.0.4-1PIGSTY~bookworm_amd64.deb
`postgresql-16-acl`	`1.0.4`	d12.aarch64	pigsty	44.6 KiB	postgresql-16-acl_1.0.4-1PIGSTY~bookworm_arm64.deb
`postgresql-16-acl`	`1.0.4`	d13.x86_64	pigsty	45.2 KiB	postgresql-16-acl_1.0.4-1PIGSTY~trixie_amd64.deb
`postgresql-16-acl`	`1.0.4`	d13.aarch64	pigsty	44.8 KiB	postgresql-16-acl_1.0.4-1PIGSTY~trixie_arm64.deb
`postgresql-16-acl`	`1.0.4`	u22.x86_64	pigsty	50.1 KiB	postgresql-16-acl_1.0.4-1PIGSTY~jammy_amd64.deb
`postgresql-16-acl`	`1.0.4`	u22.aarch64	pigsty	50.0 KiB	postgresql-16-acl_1.0.4-1PIGSTY~jammy_arm64.deb
`postgresql-16-acl`	`1.0.4`	u24.x86_64	pigsty	47.2 KiB	postgresql-16-acl_1.0.4-1PIGSTY~noble_amd64.deb
`postgresql-16-acl`	`1.0.4`	u24.aarch64	pigsty	46.6 KiB	postgresql-16-acl_1.0.4-1PIGSTY~noble_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`acl_15`	`1.0.4`	el8.x86_64	pigsty	28.4 KiB	acl_15-1.0.4-1PIGSTY.el8.x86_64.rpm
`acl_15`	`1.0.4`	el8.aarch64	pigsty	27.8 KiB	acl_15-1.0.4-1PIGSTY.el8.aarch64.rpm
`acl_15`	`1.0.4`	el9.x86_64	pigsty	27.6 KiB	acl_15-1.0.4-1PIGSTY.el9.x86_64.rpm
`acl_15`	`1.0.4`	el9.aarch64	pigsty	27.1 KiB	acl_15-1.0.4-1PIGSTY.el9.aarch64.rpm
`acl_15`	`1.0.4`	el10.x86_64	pigsty	27.6 KiB	acl_15-1.0.4-1PIGSTY.el10.x86_64.rpm
`acl_15`	`1.0.4`	el10.aarch64	pigsty	27.4 KiB	acl_15-1.0.4-1PIGSTY.el10.aarch64.rpm
`postgresql-15-acl`	`1.0.4`	d12.x86_64	pigsty	45.1 KiB	postgresql-15-acl_1.0.4-1PIGSTY~bookworm_amd64.deb
`postgresql-15-acl`	`1.0.4`	d12.aarch64	pigsty	44.7 KiB	postgresql-15-acl_1.0.4-1PIGSTY~bookworm_arm64.deb
`postgresql-15-acl`	`1.0.4`	d13.x86_64	pigsty	45.3 KiB	postgresql-15-acl_1.0.4-1PIGSTY~trixie_amd64.deb
`postgresql-15-acl`	`1.0.4`	d13.aarch64	pigsty	44.9 KiB	postgresql-15-acl_1.0.4-1PIGSTY~trixie_arm64.deb
`postgresql-15-acl`	`1.0.4`	u22.x86_64	pigsty	50.3 KiB	postgresql-15-acl_1.0.4-1PIGSTY~jammy_amd64.deb
`postgresql-15-acl`	`1.0.4`	u22.aarch64	pigsty	49.9 KiB	postgresql-15-acl_1.0.4-1PIGSTY~jammy_arm64.deb
`postgresql-15-acl`	`1.0.4`	u24.x86_64	pigsty	46.9 KiB	postgresql-15-acl_1.0.4-1PIGSTY~noble_amd64.deb
`postgresql-15-acl`	`1.0.4`	u24.aarch64	pigsty	46.5 KiB	postgresql-15-acl_1.0.4-1PIGSTY~noble_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`acl_14`	`1.0.4`	el8.x86_64	pigsty	28.4 KiB	acl_14-1.0.4-1PIGSTY.el8.x86_64.rpm
`acl_14`	`1.0.4`	el8.aarch64	pigsty	27.8 KiB	acl_14-1.0.4-1PIGSTY.el8.aarch64.rpm
`acl_14`	`1.0.4`	el9.x86_64	pigsty	27.6 KiB	acl_14-1.0.4-1PIGSTY.el9.x86_64.rpm
`acl_14`	`1.0.4`	el9.aarch64	pigsty	27.1 KiB	acl_14-1.0.4-1PIGSTY.el9.aarch64.rpm
`acl_14`	`1.0.4`	el10.x86_64	pigsty	27.6 KiB	acl_14-1.0.4-1PIGSTY.el10.x86_64.rpm
`acl_14`	`1.0.4`	el10.aarch64	pigsty	27.3 KiB	acl_14-1.0.4-1PIGSTY.el10.aarch64.rpm
`postgresql-14-acl`	`1.0.4`	d12.x86_64	pigsty	45.1 KiB	postgresql-14-acl_1.0.4-1PIGSTY~bookworm_amd64.deb
`postgresql-14-acl`	`1.0.4`	d12.aarch64	pigsty	44.8 KiB	postgresql-14-acl_1.0.4-1PIGSTY~bookworm_arm64.deb
`postgresql-14-acl`	`1.0.4`	d13.x86_64	pigsty	45.3 KiB	postgresql-14-acl_1.0.4-1PIGSTY~trixie_amd64.deb
`postgresql-14-acl`	`1.0.4`	d13.aarch64	pigsty	44.9 KiB	postgresql-14-acl_1.0.4-1PIGSTY~trixie_arm64.deb
`postgresql-14-acl`	`1.0.4`	u22.x86_64	pigsty	50.2 KiB	postgresql-14-acl_1.0.4-1PIGSTY~jammy_amd64.deb
`postgresql-14-acl`	`1.0.4`	u22.aarch64	pigsty	49.8 KiB	postgresql-14-acl_1.0.4-1PIGSTY~jammy_arm64.deb
`postgresql-14-acl`	`1.0.4`	u24.x86_64	pigsty	46.9 KiB	postgresql-14-acl_1.0.4-1PIGSTY~noble_amd64.deb
`postgresql-14-acl`	`1.0.4`	u24.aarch64	pigsty	46.4 KiB	postgresql-14-acl_1.0.4-1PIGSTY~noble_arm64.deb

Source

Repository

github.com/arkhipov/acl

Source Tarball

acl-1.0.4.tar.gz

pig build pkg pg_acl;		# build rpm/deb

Install

Make sure PGDG and PIGSTY repo available:

pig repo add pgsql -u   # add both repo and update cache

Install this extension with pig:

pig install pg_acl;		# install via package name, for the active PG version
pig install acl;		# install by extension name, for the current active PG version

pig install acl -v 18;   # install for PG 18
pig install acl -v 17;   # install for PG 17
pig install acl -v 16;   # install for PG 16
pig install acl -v 15;   # install for PG 15
pig install acl -v 14;   # install for PG 14

Create this extension with:

CREATE EXTENSION acl;

Usage

acl: access control list data type for PostgreSQL

The acl extension provides Access Control List types for row-level security based on application users, without requiring separate database accounts.

CREATE EXTENSION acl;

Data Types

ace: Standard role-based ACE using PostgreSQL OIDs
ace_int4: ACE with 32-bit integer identifiers
ace_int8: ACE with 64-bit integer identifiers
ace_uuid: ACE with UUID identifiers

ACLs are stored as PostgreSQL arrays of ACE types (e.g., ace[]).

ACE Format

[type]/[flags]/[who]=[mask]

Type: a (allow) or d (deny)
Flags: i (inherit only), o (object inherit), c (container inherit), p (no propagate), h (inherited)
Who: Role name, OID, integer, UUID, or "" (everyone)
Permissions: r (read), w (write), d (delete), c (read ACL), s (write ACL), plus 16 custom permissions (0-F)

Checking Permissions

-- Check current user's access
SELECT acl_check_access(acl_column, 'rw', false) FROM my_table;

-- Check specific role
SELECT acl_check_access(acl_column, 'r', 'username'::name, false);

-- Check custom int4 roles
SELECT acl_check_access(acl_column, 'rw', ARRAY[1001, 1002]::int4[], false);

ACL Inheritance

-- Compute child ACL from parent
SELECT acl_merge(parent_acl, child_acl, true, true);

Row-Level Security Example

CREATE TABLE file_system (
    id   int PRIMARY KEY,
    name text,
    acl  ace[]
);

ALTER TABLE file_system ENABLE ROW LEVEL SECURITY;

CREATE POLICY read_policy ON file_system FOR SELECT TO PUBLIC
    USING (acl_check_access(acl, 'r', false) = 'r');

CREATE POLICY write_policy ON file_system FOR UPDATE TO PUBLIC
    USING (acl_check_access(acl, 'w', false) = 'w');

Last updated on 2026-03-24

emailaddr debversion