Stephen Frost <sfr...@snowman.net> writes: > * Tom Lane (t...@sss.pgh.pa.us) wrote: >> To make this work, you'd need a way to distinguish privileges installed >> by initdb from those changed later.
> To replicate whatever the current ACL is, we don't actually need to > make such a differentiation. I'm not against doing so, but the only > point of it would be to eliminate a few extra lines being dumped out > which re-run those commands that initdb runs on restore. No, the point of it would be to not have pg_dump scripts overriding installed-by-default ACLs. A newer PG version might have different ideas about what those should be. I don't think this is exactly an academic concern, either: wouldn't a likely outcome of your default-roles work be that some built-in functions have different initial ACLs than they do today? Good luck with that, if pg_upgrade overwrites those ACLs with the previous-version values. regards, tom lane -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers