On Sat, Apr 2, 2022 at 1:32 PM Joe Conway wrote:
> I saw that Robert added documentation and it already reads correctly I
> believe, except possibly an unrelated issue:
>
> 8<--
>
>A role which replication whose privileges users are required to
> possess
>in
On 3/28/22 15:56, Robert Haas wrote:
On Mon, Mar 21, 2022 at 4:15 PM Joe Conway wrote:
Robert -- any opinion on this? If I am not mistaken it is code that you
are actively working on.
Woops, I only just saw this. I don't mind if you want to change the
calls to is_member_of_role() in
On 3/28/22 15:56, Robert Haas wrote:
On Mon, Mar 21, 2022 at 4:15 PM Joe Conway wrote:
Robert -- any opinion on this? If I am not mistaken it is code that you
are actively working on.
Woops, I only just saw this. I don't mind if you want to change the
calls to is_member_of_role() in
On Mon, Mar 21, 2022 at 4:15 PM Joe Conway wrote:
> Robert -- any opinion on this? If I am not mistaken it is code that you
> are actively working on.
Woops, I only just saw this. I don't mind if you want to change the
calls to is_member_of_role() in basebackup_server.c and
basebackup_to_shell.c
On 3/21/22 16:15, Joe Conway wrote:
On 3/20/22 12:38, Stephen Frost wrote:
Greetings,
On Sun, Mar 20, 2022 at 18:31 Joshua Brindle
mailto:joshua.brin...@crunchydata.com>>
wrote:
On Sun, Mar 20, 2022 at 12:27 PM Joe Conway mailto:m...@joeconway.com>> wrote:
>
> On 3/3/22
On 3/20/22 12:38, Stephen Frost wrote:
Greetings,
On Sun, Mar 20, 2022 at 18:31 Joshua Brindle
mailto:joshua.brin...@crunchydata.com>>
wrote:
On Sun, Mar 20, 2022 at 12:27 PM Joe Conway mailto:m...@joeconway.com>> wrote:
>
> On 3/3/22 11:26, Joshua Brindle wrote:
> > On
Greetings,
On Sun, Mar 20, 2022 at 18:31 Joshua Brindle
wrote:
> On Sun, Mar 20, 2022 at 12:27 PM Joe Conway wrote:
> >
> > On 3/3/22 11:26, Joshua Brindle wrote:
> > > On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
> > >>
> > >> On 2/10/22 14:28, Nathan Bossart wrote:
> > >> > On Wed, Feb
On Sun, Mar 20, 2022 at 12:34 PM Joe Conway wrote:
>
> On 3/20/22 12:31, Joshua Brindle wrote:
> > On Sun, Mar 20, 2022 at 12:27 PM Joe Conway wrote:
> >>
> >> On 3/3/22 11:26, Joshua Brindle wrote:
> >> > On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
> >> >>
> >> >> On 2/10/22 14:28,
On 3/20/22 12:31, Joshua Brindle wrote:
On Sun, Mar 20, 2022 at 12:27 PM Joe Conway wrote:
On 3/3/22 11:26, Joshua Brindle wrote:
> On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
>>
>> On 2/10/22 14:28, Nathan Bossart wrote:
>> > On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
On Sun, Mar 20, 2022 at 12:27 PM Joe Conway wrote:
>
> On 3/3/22 11:26, Joshua Brindle wrote:
> > On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
> >>
> >> On 2/10/22 14:28, Nathan Bossart wrote:
> >> > On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
> >> >> On 2/9/22 13:13, Nathan
On 3/3/22 11:26, Joshua Brindle wrote:
On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
On 2/10/22 14:28, Nathan Bossart wrote:
> On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
>> On 2/9/22 13:13, Nathan Bossart wrote:
>>> I do wonder if users find the differences between
On Thu, Feb 10, 2022 at 2:37 PM Joe Conway wrote:
>
> On 2/10/22 14:28, Nathan Bossart wrote:
> > On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
> >> On 2/9/22 13:13, Nathan Bossart wrote:
> >>> I do wonder if users find the differences between predefined roles and
> >>> role
> >>>
On 2/10/22 14:28, Nathan Bossart wrote:
On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
On 2/9/22 13:13, Nathan Bossart wrote:
I do wonder if users find the differences between predefined roles and role
attributes confusing. INHERIT doesn't govern role attributes, but it will
On Wed, Feb 09, 2022 at 04:39:11PM -0500, Joe Conway wrote:
> On 2/9/22 13:13, Nathan Bossart wrote:
>> I do wonder if users find the differences between predefined roles and role
>> attributes confusing. INHERIT doesn't govern role attributes, but it will
>> govern predefined roles when this
On Wed, Feb 9, 2022 at 3:58 PM Robert Haas wrote:
>
> On Wed, Feb 9, 2022 at 1:13 PM Nathan Bossart
> wrote:
> > I do wonder if users find the differences between predefined roles and role
> > attributes confusing. INHERIT doesn't govern role attributes, but it will
> > govern predefined roles
On 2/9/22 13:13, Nathan Bossart wrote:
On Tue, Feb 08, 2022 at 10:54:50PM -0500, Robert Haas wrote:
On Tue, Feb 8, 2022 at 7:38 PM Joe Conway wrote:
If we were to start all over again with this feature my vote would be to
do things differently than we have done. I would not have called them
On Wed, Feb 9, 2022 at 1:13 PM Nathan Bossart wrote:
> I do wonder if users find the differences between predefined roles and role
> attributes confusing. INHERIT doesn't govern role attributes, but it will
> govern predefined roles when this patch is applied. Maybe the role
> attribute system
On Tue, Feb 08, 2022 at 10:54:50PM -0500, Robert Haas wrote:
> On Tue, Feb 8, 2022 at 7:38 PM Joe Conway wrote:
>> If we were to start all over again with this feature my vote would be to
>> do things differently than we have done. I would not have called them
>> predefined roles, and I would
On Tue, Feb 8, 2022 at 7:38 PM Joe Conway wrote:
> If we were to start all over again with this feature my vote would be to
> do things differently than we have done. I would not have called them
> predefined roles, and I would have used attributes of roles (e.g. make
> rolsuper into a bitmap
On 2/8/22 10:07, Robert Haas wrote:
On Tue, Feb 8, 2022 at 10:00 AM Joshua Brindle
wrote:
4 predefined roles currently use has_privs_of_role in master.
Further, pg_monitor, as an SQL-only predefined role, also behaves
consistently with the INHERIT rules that other roles do.
In order for
On Tue, Feb 8, 2022 at 10:00 AM Joshua Brindle
wrote:
> 4 predefined roles currently use has_privs_of_role in master.
>
> Further, pg_monitor, as an SQL-only predefined role, also behaves
> consistently with the INHERIT rules that other roles do.
>
> In order for SQL-only predefined roles to
On Tue, Feb 8, 2022 at 8:46 AM Robert Haas wrote:
>
> On Tue, Feb 8, 2022 at 6:59 AM Joe Conway wrote:
> > This is similar to bob's access to the default superuser privilege to
> > read data in someone else's table (must SET ROLE to access that capability).
> >
> > But it is different from bob's
On Tue, Feb 8, 2022 at 6:59 AM Joe Conway wrote:
> This is similar to bob's access to the default superuser privilege to
> read data in someone else's table (must SET ROLE to access that capability).
>
> But it is different from bob's access to inherited privileges which are
> GRANTed:
Yeah. I
On 2/7/22 12:09, Robert Haas wrote:
On Mon, Feb 7, 2022 at 11:13 AM Joe Conway wrote:
It is confusing and IMHO dangerous that the predefined roles currently
work differently than regular roles eith respect to privilege inheritance.
I feel like that's kind of a conclusory statement, as
On Mon, Feb 7, 2022 at 12:09 PM Robert Haas wrote:
>
> On Mon, Feb 7, 2022 at 11:13 AM Joe Conway wrote:
> > Easily worked around with one additional level of role:
>
> Interesting.
>
> > > But in the absence of that, it seems clearly better for predefined
> > > roles to disregard INHERIT and
On Mon, Feb 7, 2022 at 11:13 AM Joe Conway wrote:
> Easily worked around with one additional level of role:
Interesting.
> > But in the absence of that, it seems clearly better for predefined
> > roles to disregard INHERIT and just always grant the rights they are
> > intended to give. Because
On 2/7/22 10:35, Robert Haas wrote:
On Sun, Feb 6, 2022 at 12:24 PM Tom Lane wrote:
Joe Conway writes:
> I'd like to pick this patch up and see it through to commit/push.
> Presumably that will include back-patching to all supported pg versions.
> Before I go through the effort to back-patch,
On Sun, Feb 6, 2022 at 12:24 PM Tom Lane wrote:
> Joe Conway writes:
> > I'd like to pick this patch up and see it through to commit/push.
> > Presumably that will include back-patching to all supported pg versions.
> > Before I go through the effort to back-patch, does anyone want to argue
> >
Joe Conway writes:
> I'd like to pick this patch up and see it through to commit/push.
> Presumably that will include back-patching to all supported pg versions.
> Before I go through the effort to back-patch, does anyone want to argue
> that this should *not* be back-patched?
Hm, I'm -0.5 or
On 1/4/22 16:51, Joshua Brindle wrote:
On Tue, Jan 4, 2022 at 3:56 PM Tom Lane wrote:
"Bossart, Nathan" writes:
> On 11/12/21, 12:34 PM, "Joshua Brindle"
wrote:
>> All of these and also adminpack.sgml updated. I think that is all of
>> them but docs broken across lines and irregular
On Tue, Jan 4, 2022 at 3:56 PM Tom Lane wrote:
>
> "Bossart, Nathan" writes:
> > On 11/12/21, 12:34 PM, "Joshua Brindle"
> > wrote:
> >> All of these and also adminpack.sgml updated. I think that is all of
> >> them but docs broken across lines and irregular wording makes it
> >> difficult.
>
"Bossart, Nathan" writes:
> On 11/12/21, 12:34 PM, "Joshua Brindle"
> wrote:
>> All of these and also adminpack.sgml updated. I think that is all of
>> them but docs broken across lines and irregular wording makes it
>> difficult.
> LGTM. I've marked this as ready-for-committer.
This needs
On 11/12/21, 12:34 PM, "Joshua Brindle" wrote:
> All of these and also adminpack.sgml updated. I think that is all of
> them but docs broken across lines and irregular wording makes it
> difficult.
LGTM. I've marked this as ready-for-committer.
Nathan
On Wed, Nov 10, 2021 at 12:45 PM Bossart, Nathan wrote:
>
> On 11/8/21, 2:19 PM, "Joshua Brindle" wrote:
> > Thanks for the review, attached is an update with that comment fixed
> > and also sgml documentation changes that I missed earlier.
>
> I think there are a number of documentation changes
On 11/8/21, 2:19 PM, "Joshua Brindle" wrote:
> Thanks for the review, attached is an update with that comment fixed
> and also sgml documentation changes that I missed earlier.
I think there are a number of documentation changes that are still
missing. I did a quick scan and saw the "is member
On Mon, Nov 8, 2021 at 3:44 PM Stephen Frost wrote:
>
> Greetings,
>
> * Joshua Brindle (joshua.brin...@crunchydata.com) wrote:
> > On Wed, Oct 27, 2021 at 5:20 PM Joshua Brindle
> > wrote:
> > > On Wed, Oct 27, 2021 at 5:16 PM Robert Haas wrote:
> > > > On Wed, Oct 27, 2021 at 5:14 PM Joshua
Greetings,
* Joshua Brindle (joshua.brin...@crunchydata.com) wrote:
> On Wed, Oct 27, 2021 at 5:20 PM Joshua Brindle
> wrote:
> > On Wed, Oct 27, 2021 at 5:16 PM Robert Haas wrote:
> > > On Wed, Oct 27, 2021 at 5:14 PM Joshua Brindle
> > > wrote:
> > > > Attached is an updated version of the
On 10/27/21, 2:19 PM, "Robert Haas" wrote:
> I am not sure I understand what the advantage of this is supposed to be.
There are a couple of other related threads with some additional
context:
On Wed, Oct 27, 2021 at 5:20 PM Joshua Brindle
wrote:
>
> On Wed, Oct 27, 2021 at 5:16 PM Robert Haas wrote:
> >
> > On Wed, Oct 27, 2021 at 5:14 PM Joshua Brindle
> > wrote:
> > > Attached is an updated version of the patch to replace
> > > is_member_of_role with has_privs_for_role for
On Wed, Oct 27, 2021 at 5:16 PM Robert Haas wrote:
>
> On Wed, Oct 27, 2021 at 5:14 PM Joshua Brindle
> wrote:
> > Attached is an updated version of the patch to replace
> > is_member_of_role with has_privs_for_role for predefined roles. It
> > does not remove is_member_of_role from acl.h but it
On Wed, Oct 27, 2021 at 5:14 PM Joshua Brindle
wrote:
> Attached is an updated version of the patch to replace
> is_member_of_role with has_privs_for_role for predefined roles. It
> does not remove is_member_of_role from acl.h but it does add a warning
> not to use that function for privilege
Attached is an updated version of the patch to replace
is_member_of_role with has_privs_for_role for predefined roles. It
does not remove is_member_of_role from acl.h but it does add a warning
not to use that function for privilege checking.
Please consider this for the upcoming commitfest.
42 matches
Mail list logo
