Ian Campbell writes ("Re: [OSSTEST PATCH 3/7] Schema: Remove SET OWNER and
GRANT/REVOKE from schema/initial.sql"):
> I suppose the resulting comments in initial.sql are useful even for
> illustration (i.e. not much point in removing).
Yes. Also they reflect actual stuff in at least the Cambridge
instance.
> I noticed that owner is not always osstest, I see instances of iwj,
> postgres and osstest_ro. I guess iwj is some historical baggage which the
> expectation to run as the role user supercedes, but I'm not sure about
> osstest_ro or postgres?
osstest_ro is a user that can only read things which seemed like a
good idea at the time but in practice isn't ever used for anything.
iwj is historical baggage.
If we decide we want the schema to have an access control scheme that
is different to what we have now, other than the default, I think we
would now do this by writing an idempotent schema update script to set
things right.
I forget what the `public' and `postgresql' stuff is for. The GRANTs
and REVOKEs. I'm removing are evidently not important because the
database creation works fine without :-).
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
