SQLSTATE 42501 ERROR Class 42: Syntax Error or Access Rule Violation

insufficient_privilege must be superuser to … — 42501

PostgreSQL error "must be superuser to …" (SQLSTATE 42501): what it means, common causes, and how to fix it.

PG 12, 13, 14, 15, 16, 17, 18 Official docs
Last reviewed May 2025 Grounded in source

Diagnostic Queries

Symptoms

A role attempted an action restricted to superusers (or a specific predefined role) without the necessary privilege. PostgreSQL raises SQLSTATE 42501 (insufficient_privilege).

  • The message names the privileged action (e.g. “must be superuser to create FTS dictionaries”).
  • Common with server-wide or filesystem-touching operations.
  • Many such actions now map to predefined roles instead of full superuser.

What the server log shows

ERROR:  must be superuser to set parameter "session_preload_libraries"

Why PostgreSQL raises this — what the manual says

Section 21.5 Predefined Roles:

“PostgreSQL provides a set of predefined roles that provide access to certain, commonly needed, privileged capabilities and information.”

Certain operations affect the whole server or the host, so PostgreSQL restricts them to superusers (or a predefined role with that capability). A role lacking the privilege is blocked with 42501.

Common causes

  • Running a superuser-only command as an ordinary role.
  • Setting a parameter that requires elevated privileges.
  • Operations needing a predefined role (e.g. pg_read_server_files).

How to fix it

  1. Perform the action as a superuser, or have one do it.
  2. Grant the appropriate predefined role instead of full superuser (least privilege).
  3. Check what the action requires and assign the minimal capability needed.

Related & next steps

Reference: PostgreSQL 18 Section 22.5 “Predefined Roles”.

Was this helpful?