Re: [HACKERS] Additional role attributes && superuser review

2015-03-02 Thread Alvaro Herrera
Adam Brightwell wrote: > Alvaro, > > > I thought I saw a comment about using underscore to separate words > > in privilege names, such as EXCLUSIVE_BACKUP rather than running it > > all together. Was that idea discarded? > > I'm not sure there was an actual discussion on the topic. Though, at o

Re: [HACKERS] Additional role attributes && superuser review

2015-03-02 Thread Adam Brightwell
Alvaro, I thought I saw a comment about using underscore to separate words in > privilege names, such as EXCLUSIVE_BACKUP rather than running it all > together. Was that idea discarded? > I'm not sure there was an actual discussion on the topic. Though, at one point I had proposed it as one of

Re: [HACKERS] Additional role attributes && superuser review

2015-03-01 Thread Stephen Frost
* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote: > Stephen Frost wrote: > > > Thanks! I've gone over this and made quite a few documentation and > > comment updates, but not too much else, so I'm pretty happy with how > > this is coming along. As mentioned elsewhere, this conflicts with the >

Re: [HACKERS] Additional role attributes && superuser review

2015-03-01 Thread Alvaro Herrera
Stephen Frost wrote: > Thanks! I've gone over this and made quite a few documentation and > comment updates, but not too much else, so I'm pretty happy with how > this is coming along. As mentioned elsewhere, this conflicts with the > GetUserId() to has_privs_of_role() cleanup, but as I anticipa

Re: [HACKERS] Additional role attributes && superuser review

2015-02-28 Thread Stephen Frost
Adam, * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > I have attached an updated patch for review. Thanks! I've gone over this and made quite a few documentation and comment updates, but not too much else, so I'm pretty happy with how this is coming along. As mentioned el

Re: [HACKERS] Additional role attributes && superuser review

2015-01-27 Thread Adam Brightwell
All, I have attached an updated patch for review. Thanks, Adam -- Adam Brightwell - adam.brightw...@crunchydatasolutions.com Database Engineer - www.crunchydatasolutions.com diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml new file mode 100644 index 62305d2..fd4b9ab *** a/d

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Andres Freund
On 2015-01-26 14:05:03 -0500, Stephen Frost wrote: > This capability would be used in conjunction with the SAN snapshot > capability, it's not intended to be a comparison to what SANs offer. Oh, on a reread that's now clear. Many of those actually allow hooks to be run when taking a snapshot, that

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Mon, Jan 26, 2015 at 1:59 PM, Andres Freund wrote: > > On 2015-01-26 13:47:02 -0500, Stephen Frost wrote: > >> Right. We already have a role attribute which allows pg_basebackup > >> (replication). Also, with pg_basebackup / rolreplication, your

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Stephen Frost
* Andres Freund (and...@2ndquadrant.com) wrote: > On 2015-01-26 13:47:02 -0500, Stephen Frost wrote: > > Right. We already have a role attribute which allows pg_basebackup > > (replication). Also, with pg_basebackup / rolreplication, your role > > is able to read the entire data directory from th

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Robert Haas
On Mon, Jan 26, 2015 at 1:59 PM, Andres Freund wrote: > On 2015-01-26 13:47:02 -0500, Stephen Frost wrote: >> * Robert Haas (robertmh...@gmail.com) wrote: >> > On Wed, Jan 21, 2015 at 11:27 AM, Adam Brightwell >> > wrote: >> > > After re-reading through this thread it seems like EXCLUSIVEBACKUP

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Andres Freund
On 2015-01-26 13:47:02 -0500, Stephen Frost wrote: > * Robert Haas (robertmh...@gmail.com) wrote: > > On Wed, Jan 21, 2015 at 11:27 AM, Adam Brightwell > > wrote: > > > After re-reading through this thread it seems like EXCLUSIVEBACKUP > > > (proposed > > > by Magnus) seemed to be a potentially a

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Wed, Jan 21, 2015 at 11:27 AM, Adam Brightwell > wrote: > > After re-reading through this thread it seems like EXCLUSIVEBACKUP (proposed > > by Magnus) seemed to be a potentially acceptable alternative. > > So this would let you do pg_start_backup

Re: [HACKERS] Additional role attributes && superuser review

2015-01-26 Thread Robert Haas
On Wed, Jan 21, 2015 at 11:27 AM, Adam Brightwell wrote: > After re-reading through this thread it seems like EXCLUSIVEBACKUP (proposed > by Magnus) seemed to be a potentially acceptable alternative. So this would let you do pg_start_backup() and pg_stop_backup(), but it wouldn't let you run pg_b

Re: [HACKERS] Additional role attributes && superuser review

2015-01-22 Thread Stephen Frost
Adam, all, * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > After re-reading through this thread it seems like EXCLUSIVEBACKUP > (proposed by Magnus) seemed to be a potentially acceptable alternative. I just chatted a bit on IRC w/ Magnus about this and I'm on-board with his

Re: [HACKERS] Additional role attributes && superuser review

2015-01-21 Thread Adam Brightwell
All, > > I'm slightly mystified as to how including the word "online" helps > here. It's unlikely that there will be an offline_backup permission, > because if the system is off-line, SQL-level permissions are > irrelevant. After re-reading through this thread it seems like EXCLUSIVEBACKUP (pro

Re: [HACKERS] Additional role attributes && superuser review

2015-01-19 Thread Stephen Frost
* Simon Riggs (si...@2ndquadrant.com) wrote: > On 3 November 2014 at 17:08, Stephen Frost wrote: > > role attributes don't act like > > GRANTs anyway (there's no ADMIN option and they aren't inherited). > > I'm happy with us *not* doing this using GRANTs, as long as we spend > some love on the d

Re: [HACKERS] Additional role attributes && superuser review

2015-01-19 Thread Simon Riggs
On 3 November 2014 at 17:08, Stephen Frost wrote: > role attributes don't act like > GRANTs anyway (there's no ADMIN option and they aren't inherited). I'm happy with us *not* doing this using GRANTs, as long as we spend some love on the docs to show there is a very clear distinction between th

Re: [HACKERS] Additional role attributes && superuser review

2015-01-19 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Thu, Jan 15, 2015 at 6:03 PM, Adam Brightwell > wrote: > > * ONLINE_BACKUP - allows role to perform backup operations > > - originally proposed as BACKUP - due to concern for the use of that term > > in relation to other potential backup related

Re: [HACKERS] Additional role attributes && superuser review

2015-01-19 Thread Adam Brightwell
Robert, Thanks for the feedback. I'm slightly mystified as to how including the word "online" helps > here. It's unlikely that there will be an offline_backup permission, > because if the system is off-line, SQL-level permissions are > irrelevant. I'm certainly open to recommendations on this

Re: [HACKERS] Additional role attributes && superuser review

2015-01-19 Thread Robert Haas
On Thu, Jan 15, 2015 at 6:03 PM, Adam Brightwell wrote: > * ONLINE_BACKUP - allows role to perform backup operations > - originally proposed as BACKUP - due to concern for the use of that term > in relation to other potential backup related permissions this form is in > line with the documentati

Re: [HACKERS] Additional role attributes && superuser review

2015-01-15 Thread Adam Brightwell
All, Attached is a patch that proposes the following additional role attributes for review: * ONLINE_BACKUP - allows role to perform backup operations - originally proposed as BACKUP - due to concern for the use of that term in relation to other potential backup related permissions this form is

Re: [HACKERS] Additional role attributes && superuser review

2015-01-05 Thread Stephen Frost
Adam, all, * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > If others are also in agreement on this point then I'll update the patch > accordingly. Works for me. Thanks! Stephen

Re: [HACKERS] Additional role attributes && superuser review

2015-01-05 Thread Adam Brightwell
On Mon, Jan 5, 2015 at 11:49 AM, Robert Haas wrote: > On Wed, Dec 24, 2014 at 12:48 PM, Adam Brightwell > wrote: > > * BACKUP - allows role to perform backup operations > > * LOGROTATE - allows role to rotate log files > > * MONITOR - allows role to view pg_stat_* details > > * PROCSIGNAL - allo

Re: [HACKERS] Additional role attributes && superuser review

2015-01-05 Thread Robert Haas
On Wed, Dec 24, 2014 at 12:48 PM, Adam Brightwell wrote: > * BACKUP - allows role to perform backup operations > * LOGROTATE - allows role to rotate log files > * MONITOR - allows role to view pg_stat_* details > * PROCSIGNAL - allows role to signal backend processes How about just "SIGNAL" inste

Re: [HACKERS] Additional role attributes && superuser review

2015-01-01 Thread Magnus Hagander
On Wed, Dec 31, 2014 at 4:23 PM, Stephen Frost wrote: > * Magnus Hagander (mag...@hagander.net) wrote: > > On Wed, Dec 31, 2014 at 3:08 PM, Stephen Frost > wrote: > > > * Magnus Hagander (mag...@hagander.net) wrote: > > > I think having it do exactly what pg_dump needs, and not things like > > >

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Stephen Frost
* Magnus Hagander (mag...@hagander.net) wrote: > On Wed, Dec 31, 2014 at 3:08 PM, Stephen Frost wrote: > > * Magnus Hagander (mag...@hagander.net) wrote: > > > that doing so would be strictly more than what pg_dump actually requires > > > > but it's also what we actually have support for in our pr

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Stephen Frost
José, * José Luis Tallón (jltal...@adv-solutions.net) wrote: > On 12/30/2014 04:16 PM, Stephen Frost wrote: > >The approach I was thinking was to document and implement this as > >implicitly granting exactly USAGE and SELECT rights, no more (not > >BYPASSRLS) and no less (yes, the role could exec

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Magnus Hagander
On Wed, Dec 31, 2014 at 3:08 PM, Stephen Frost wrote: > * Magnus Hagander (mag...@hagander.net) wrote: > > On Tue, Dec 30, 2014 at 4:16 PM, Stephen Frost > wrote: > > > The approach I was thinking was to document and implement this as > > > implicitly granting exactly USAGE and SELECT rights, n

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Stephen Frost
Amit, * Amit Kapila (amit.kapil...@gmail.com) wrote: > On Tue, Dec 30, 2014 at 6:35 PM, Stephen Frost wrote: > > I'm pretty sure we've agreed that having a catch-all role attribute like > > 'DBA' is a bad idea because we'd likely be adding privileges to it later > > which would expand the rights

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Stephen Frost
* Magnus Hagander (mag...@hagander.net) wrote: > On Tue, Dec 30, 2014 at 4:16 PM, Stephen Frost wrote: > > The approach I was thinking was to document and implement this as > > implicitly granting exactly USAGE and SELECT rights, no more (not > > BYPASSRLS) and no less (yes, the role could execut

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread Magnus Hagander
On Tue, Dec 30, 2014 at 4:16 PM, Stephen Frost wrote: > * Magnus Hagander (mag...@hagander.net) wrote: > > On Mon, Dec 29, 2014 at 11:01 PM, Stephen Frost > wrote: > > > That said, a 'DUMP' privilege which allows the user to dump the > contents > > > of the entire database is entirely reasonable

Re: [HACKERS] Additional role attributes && superuser review

2014-12-31 Thread José Luis Tallón
On 12/30/2014 04:16 PM, Stephen Frost wrote: [snip] The approach I was thinking was to document and implement this as implicitly granting exactly USAGE and SELECT rights, no more (not BYPASSRLS) and no less (yes, the role could execute functions). I agree that doing so would be strictly more th

Re: [HACKERS] Additional role attributes && superuser review

2014-12-30 Thread Amit Kapila
On Tue, Dec 30, 2014 at 6:35 PM, Stephen Frost wrote: > * Amit Kapila (amit.kapil...@gmail.com) wrote: > > On Tue, Dec 30, 2014 at 6:52 AM, Stephen Frost wrote: > > > another could be have a separate privilege (DBA) or a role which is > > not a superuser, however can be used to perform such tasks

Re: [HACKERS] Additional role attributes && superuser review

2014-12-30 Thread Stephen Frost
* Magnus Hagander (mag...@hagander.net) wrote: > On Mon, Dec 29, 2014 at 11:01 PM, Stephen Frost wrote: > > That said, a 'DUMP' privilege which allows the user to dump the contents > > of the entire database is entirely reasonable. We need to be clear in > > the documentation though- such a 'DUMP

Re: [HACKERS] Additional role attributes && superuser review

2014-12-30 Thread Magnus Hagander
On Mon, Dec 29, 2014 at 11:01 PM, Stephen Frost wrote: > > * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > > > I'd suggest it's called DUMP if that's what it allows, to keep it > separate > > > from the backup parts. > > > > Makes sense to me. > > I'm fine calling it 'DUMP',

Re: [HACKERS] Additional role attributes && superuser review

2014-12-30 Thread Stephen Frost
* Amit Kapila (amit.kapil...@gmail.com) wrote: > On Tue, Dec 30, 2014 at 6:52 AM, Stephen Frost wrote: > > > >There is one issue that occurs to me, however. We're talking about > > > >pg_dump, but what about pg_dumpall? In particular, I don't think the > > > >DUMP privilege should provide access

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Amit Kapila
On Tue, Dec 30, 2014 at 6:52 AM, Stephen Frost wrote: > > >There is one issue that occurs to me, however. We're talking about > > >pg_dump, but what about pg_dumpall? In particular, I don't think the > > >DUMP privilege should provide access to pg_authid, as that would allow > > >the user to byp

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Jim Nasby
On 12/29/14, 7:22 PM, Stephen Frost wrote: One other point is that this shouldn't imply any other privileges, imv. > >I'm specifically thinking of BYPASSRLS- that's independently grantable > >and therefore should be explicitly set, if it's intended. Things > >should work 'sanely' with any combin

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Stephen Frost
Jim, * Jim Nasby (jim.na...@bluetreble.com) wrote: > On 12/29/14, 4:01 PM, Stephen Frost wrote: > >That said, a 'DUMP' privilege which allows the user to dump the contents > >of the entire database is entirely reasonable. We need to be clear in > >the documentation though- such a 'DUMP' privilege

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Jim Nasby
On 12/29/14, 4:01 PM, Stephen Frost wrote: Adam, * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: I'd suggest it's called DUMP if that's what it allows, to keep it separate from the backup parts. Makes sense to me. I'm fine calling it 'DUMP', but for different reasons. W

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Stephen Frost
Adam, * Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > > I'd suggest it's called DUMP if that's what it allows, to keep it separate > > from the backup parts. > > Makes sense to me. I'm fine calling it 'DUMP', but for different reasons. We have no (verifiable) idea what cli

Re: [HACKERS] Additional role attributes && superuser review

2014-12-29 Thread Adam Brightwell
Magnus, Thanks for the feedback. >> BACKUP - allows role to perform pg_dump* backups of whole database. >> > > I'd suggest it's called DUMP if that's what it allows, to keep it separate > from the backup parts. > Makes sense to me. That seems really bad names, IMHO. Why? Because we use WAL and

Re: [HACKERS] Additional role attributes && superuser review

2014-12-26 Thread Magnus Hagander
On Wed, Dec 24, 2014 at 6:48 PM, Adam Brightwell < adam.brightw...@crunchydatasolutions.com> wrote: > All, > > I want to revive this thread and continue to move these new role > attributes forward. > > In summary, the ultimate goal is to include new role attributes for common > operations which cu

Re: [HACKERS] Additional role attributes && superuser review

2014-12-24 Thread Adam Brightwell
All, I want to revive this thread and continue to move these new role attributes forward. In summary, the ultimate goal is to include new role attributes for common operations which currently require superuser privileges. Initially proposed were the following attributes: * BACKUP - allows role

Re: [HACKERS] Additional role attributes && superuser review

2014-11-25 Thread Stephen Frost
* Andrew Dunstan (and...@dunslane.net) wrote: > On 11/18/2014 04:58 PM, Adam Brightwell wrote: > >Attached is a quite trivial patch that addresses the int64 (C) to > >int8 (SQL) mapping issue. > > I think we should just apply this now. As Tom said the reason for > not doing it is long gone. Alrig

Re: [HACKERS] Additional role attributes && superuser review

2014-11-21 Thread José Luis Tallón
On 11/06/2014 03:31 AM, Robert Haas wrote: [snip] We haven't reached consensus on this one yet and I didn't want it to fall too far off the radar. Here is what I summarize as the current state of the discussion: 1. Syntax: ALTER ROLE { ADD | DROP } CAPABILITY Though a bit late to this thr

Re: [HACKERS] Additional role attributes && superuser review

2014-11-19 Thread Adam Brightwell
All, > If we're going to change the catalog representation for the existing > capabilities, I'd recommend that the first patch change the catalog > representation and add the new syntax without adding any more > capabilities; and then the second and subsequent patches can add > additional capabil

Re: [HACKERS] Additional role attributes && superuser review

2014-11-18 Thread Andrew Dunstan
On 11/18/2014 04:58 PM, Adam Brightwell wrote: All, Currently, I am using int32 simply because int64 is causing some issues. The issue is that genbki.pl is not able to associate it with the int8 type as defined in pg_type.h. Therefore Schema_pg_authid in sch

Re: [HACKERS] Additional role attributes && superuser review

2014-11-18 Thread Tom Lane
Adam Brightwell writes: > Currently, I am using int32 simply because int64 is causing some issues. > The issue is that genbki.pl is not able to associate it with the int8 type > as defined in pg_type.h. Therefore Schema_pg_authid in schemapg.h isn't > defined correctly. I've been digging and scr

Re: [HACKERS] Additional role attributes && superuser review

2014-11-18 Thread Adam Brightwell
All, > Currently, I am using int32 simply because int64 is causing some issues. > The issue is that genbki.pl is not able to associate it with the int8 > type as defined in pg_type.h. Therefore Schema_pg_authid in schemapg.h > isn't defined correctly. I've been digging and scratching my head on

Re: [HACKERS] Additional role attributes && superuser review

2014-11-18 Thread Adam Brightwell
All, > 2. Catalog Representation: > > Condense all attributes in pg_authid to single int64 column and create > bitmasks accordingly. > I have been working on these changes and I was hoping for some assistance/recommendations. Currently, I am using int32 simply because int64 is causing some issu

Re: [HACKERS] Additional role attributes && superuser review

2014-11-05 Thread Robert Haas
On Mon, Nov 3, 2014 at 11:44 AM, Adam Brightwell wrote: >> That said, I don't feel very strongly about that position, so if you and >> Robert (and others on the thread) agree that's the right approach then >> I'll see about getting it done. > > We haven't reached consensus on this one yet and I di

Re: [HACKERS] Additional role attributes && superuser review

2014-11-03 Thread Stephen Frost
* Adam Brightwell (adam.brightw...@crunchydatasolutions.com) wrote: > > That said, I don't feel very strongly about that position, so if you and > > Robert (and others on the thread) agree that's the right approach then > > I'll see about getting it done. Thanks for trying to make progress on this

Re: [HACKERS] Additional role attributes && superuser review

2014-11-03 Thread Adam Brightwell
All, > That said, I don't feel very strongly about that position, so if you and > Robert (and others on the thread) agree that's the right approach then > I'll see about getting it done. We haven't reached consensus on this one yet and I didn't want it to fall too far off the radar. Here is wh

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote: > Robert Haas wrote: > > On Thu, Oct 16, 2014 at 3:34 PM, Stephen Frost wrote: > > > > My feeling is basically this- either we make a clean break to the new > > > syntax and catalog representation, or we just use the same approach the > > > exist

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Simon Riggs (si...@2ndquadrant.com) wrote: > On 16 October 2014 20:37, Stephen Frost wrote: > > >> How about > >> > >> GRANT EXECUTE [PRIVILEGES] ON CAPABILITY foo TO bar; > >> > >> That is similar to granting execution privs on a function. And I think > >> gets round the keyword issue? > > > >

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Alvaro Herrera
Robert Haas wrote: > On Thu, Oct 16, 2014 at 3:34 PM, Stephen Frost wrote: > > My feeling is basically this- either we make a clean break to the new > > syntax and catalog representation, or we just use the same approach the > > existing attributes use. Long term, I think your proposed syntax an

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Simon Riggs
On 16 October 2014 20:37, Stephen Frost wrote: >> How about >> >> GRANT EXECUTE [PRIVILEGES] ON CAPABILITY foo TO bar; >> >> That is similar to granting execution privs on a function. And I think >> gets round the keyword issue? > > No, it doesn't.. EXECUTE isn't reserved at all. Yet GRANT EXEC

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Thu, Oct 16, 2014 at 3:34 PM, Stephen Frost wrote: > > My feeling is basically this- either we make a clean break to the new > > syntax and catalog representation, or we just use the same approach the > > existing attributes use. Long term, I thin

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Robert Haas
On Thu, Oct 16, 2014 at 3:34 PM, Stephen Frost wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> On Thu, Oct 16, 2014 at 3:09 PM, Stephen Frost wrote: >> > * Robert Haas (robertmh...@gmail.com) wrote: >> >> Ah, good point. Using ALTER ROLE is better. Maybe we should do ALTER >> >> ROLE .

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Jim Nasby
On 10/16/14, 10:47 AM, Stephen Frost wrote: As others have commented, I too think this should support pg_dump. > > > >I'm utterly mystified as to what that *means*. Everyone asking for it is > >great but until someone can define what "support pg_dump" means, there's > >not much progress I can make

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Simon Riggs (si...@2ndquadrant.com) wrote: > On 16 October 2014 20:04, Robert Haas wrote: > >>> GRANT CAPABILITY whatever TO somebody; > >> > >> So, we went back to just role attributes to avoid the keyword issue.. > >> The above would require making 'CAPABILITY' a reserved word, and there > >>

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Thu, Oct 16, 2014 at 3:09 PM, Stephen Frost wrote: > > * Robert Haas (robertmh...@gmail.com) wrote: > >> Ah, good point. Using ALTER ROLE is better. Maybe we should do ALTER > >> ROLE .. [ ADD | DROP ] CAPABILITY x. That would still require maki

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Simon Riggs
On 16 October 2014 20:04, Robert Haas wrote: >>> I'd suggest calling these capabilities, and allow: >>> >>> GRANT CAPABILITY whatever TO somebody; >> >> So, we went back to just role attributes to avoid the keyword issue.. >> The above would require making 'CAPABILITY' a reserved word, and there

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Robert Haas
On Thu, Oct 16, 2014 at 3:09 PM, Stephen Frost wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> Ah, good point. Using ALTER ROLE is better. Maybe we should do ALTER >> ROLE .. [ ADD | DROP ] CAPABILITY x. That would still require making >> CAPABILITY a keyword, but it could be unreserve

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > Ah, good point. Using ALTER ROLE is better. Maybe we should do ALTER > ROLE .. [ ADD | DROP ] CAPABILITY x. That would still require making > CAPABILITY a keyword, but it could be unreserved. That works for me- would we change the existing role att

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Robert Haas
On Thu, Oct 16, 2014 at 2:59 PM, Stephen Frost wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> On Thu, Oct 16, 2014 at 11:24 AM, Alvaro Herrera >> wrote: >> > To me, what this repeated discussion on this particular BACKUP point >> > says, is that the ability to run pg_start/stop_backend

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Robert Haas (robertmh...@gmail.com) wrote: > On Thu, Oct 16, 2014 at 11:24 AM, Alvaro Herrera > wrote: > > To me, what this repeated discussion on this particular BACKUP point > > says, is that the ability to run pg_start/stop_backend and the xlog > > related functions should be a different pri

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Robert Haas
On Thu, Oct 16, 2014 at 11:24 AM, Alvaro Herrera wrote: > Stephen Frost wrote: >> * Petr Jelinek (p...@2ndquadrant.com) wrote: >> > On 15/10/14 07:22, Stephen Frost wrote: >> > > First though, the new privileges, about which the bikeshedding can >> > > begin, short-and-sweet format: >> > > >>

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
Alvaro, * Alvaro Herrera (alvhe...@2ndquadrant.com) wrote: > Stephen Frost wrote: > > * Petr Jelinek (p...@2ndquadrant.com) wrote: > > > On 15/10/14 07:22, Stephen Frost wrote: > > > > First though, the new privileges, about which the bikeshedding can > > > > begin, short-and-sweet format: > >

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Alvaro Herrera
Stephen Frost wrote: > * Petr Jelinek (p...@2ndquadrant.com) wrote: > > On 15/10/14 07:22, Stephen Frost wrote: > > > First though, the new privileges, about which the bikeshedding can > > > begin, short-and-sweet format: > > > > > > BACKUP: > > > pg_start_backup() > > > pg_stop_backu

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Tom Lane (t...@sss.pgh.pa.us) wrote: > Stephen Frost writes: > > * Petr Jelinek (p...@2ndquadrant.com) wrote: > >> Yeah it will, mainly because extensions can load modules and can > >> have untrusted functions, we might want to limit which extensions > >> are possible to create without being sup

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Tom Lane
Stephen Frost writes: > * Petr Jelinek (p...@2ndquadrant.com) wrote: >> Yeah it will, mainly because extensions can load modules and can >> have untrusted functions, we might want to limit which extensions >> are possible to create without being superuser. > The extension has to be available on t

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Simon Riggs (si...@2ndquadrant.com) wrote: > On 16 October 2014 12:59, Stephen Frost wrote: > >> > LOGROTATE: > >> > pg_rotate_logfile() > >> > >> Do we need one just for that? > > > > It didn't seem to "belong" to any others and it's currently limited to > > superuser but useful for non-s

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Petr Jelinek (p...@2ndquadrant.com) wrote: > The explanation you wrote to Jim makes sense, plus given the comment > from Magnus about REPLICATION flag I guess I am happy enough with it > (I might have liked to have REPLICATION flag to somehow be part of > BACKUP flag but that's very minor thing).

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Magnus Hagander (mag...@hagander.net) wrote: > On Oct 16, 2014 1:59 PM, "Stephen Frost" wrote: > > Once I understand what "include pg_dump" and "include pg_basebackup" > > mean, I'd be happy to work on adding those. > > Include pg_basebackup would mean the replication protocol methods for base

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Simon Riggs
On 16 October 2014 12:59, Stephen Frost wrote: >> > LOGROTATE: >> > pg_rotate_logfile() >> >> Do we need one just for that? > > It didn't seem to "belong" to any others and it's currently limited to > superuser but useful for non-superusers, so I would argue 'yes'. Now, > another option (a

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Petr Jelinek
On 16/10/14 13:44, Stephen Frost wrote: * Petr Jelinek (p...@2ndquadrant.com) wrote: On 15/10/14 07:22, Stephen Frost wrote: First though, the new privileges, about which the bikeshedding can begin, short-and-sweet format: BACKUP: pg_start_backup() pg_stop_backup() pg_s

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Magnus Hagander
On Oct 16, 2014 1:59 PM, "Stephen Frost" wrote: > > * Simon Riggs (si...@2ndquadrant.com) wrote: > > On 15 October 2014 06:22, Stephen Frost wrote: > > > BACKUP: > > > pg_start_backup() > > > pg_stop_backup() > > > pg_switch_xlog() > > > pg_create_restore_point() > > > > Yes, bu

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
Jim, * Jim Nasby (jim.na...@bluetreble.com) wrote: > On 10/15/14, 12:22 AM, Stephen Frost wrote: > > BACKUP: > > pg_start_backup() > > pg_stop_backup() > > pg_switch_xlog() > > pg_create_restore_point() > > It seems odd to me that this (presumably) supports PITR but not pg_dump*

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Simon Riggs (si...@2ndquadrant.com) wrote: > On 15 October 2014 06:22, Stephen Frost wrote: > > BACKUP: > > pg_start_backup() > > pg_stop_backup() > > pg_switch_xlog() > > pg_create_restore_point() > > Yes, but it's more complex. As Jim says, you need to include pg_dump, > plus

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Stephen Frost
* Petr Jelinek (p...@2ndquadrant.com) wrote: > On 15/10/14 07:22, Stephen Frost wrote: > > First though, the new privileges, about which the bikeshedding can > > begin, short-and-sweet format: > > > > BACKUP: > > pg_start_backup() > > pg_stop_backup() > > pg_switch_xlog() > >

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Petr Jelinek
On 15/10/14 07:22, Stephen Frost wrote: First though, the new privileges, about which the bikeshedding can begin, short-and-sweet format: BACKUP: pg_start_backup() pg_stop_backup() pg_switch_xlog() pg_create_restore_point() As others have commented, I too think th

Re: [HACKERS] Additional role attributes && superuser review

2014-10-16 Thread Simon Riggs
On 15 October 2014 06:22, Stephen Frost wrote: > BACKUP: > pg_start_backup() > pg_stop_backup() > pg_switch_xlog() > pg_create_restore_point() Yes, but it's more complex. As Jim says, you need to include pg_dump, plus you need to include the streaming utilities, e.g. pg_baseback

Re: [HACKERS] Additional role attributes && superuser review

2014-10-15 Thread Jim Nasby
On 10/15/14, 12:22 AM, Stephen Frost wrote: BACKUP: pg_start_backup() pg_stop_backup() pg_switch_xlog() pg_create_restore_point() It seems odd to me that this (presumably) supports PITR but not pg_dump*. I realize that most folks probably don't use pg_dump for actual bac

[HACKERS] Additional role attributes && superuser review

2014-10-14 Thread Stephen Frost
Greetings, The attached patch for review implements a few additional role attributes (all requested by users or clients in various forums) for common operations which currently require superuser privileges. This is not a complete solution for all of the superuser-only privileges we have
