Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit a0ffa88

Browse files
committed
Allow granting SET and ALTER SYSTEM privileges on GUC parameters.
This patch allows "PGC_SUSET" parameters to be set by non-superusers if they have been explicitly granted the privilege to do so. The privilege to perform ALTER SYSTEM SET/RESET on a specific parameter can also be granted. Such privileges are cluster-wide, not per database. They are tracked in a new shared catalog, pg_parameter_acl. Granting and revoking these new privileges works as one would expect. One caveat is that PGC_USERSET GUCs are unaffected by the SET privilege --- one could wish that those were handled by a revocable grant to PUBLIC, but they are not, because we couldn't make it robust enough for GUCs defined by extensions. Mark Dilger, reviewed at various times by Andrew Dunstan, Robert Haas, Joshua Brindle, and myself Discussion: https://postgr.es/m/3D691E20-C1D5-4B80-8BA5-6BEB63AF3029@enterprisedb.com
1 parent 2ef6f11 commit a0ffa88

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

44 files changed

+2465
-194
lines changed

doc/src/sgml/catalogs.sgml

+76-1
Original file line numberDiff line numberDiff line change
@@ -220,6 +220,11 @@
220220
<entry>access method operator families</entry>
221221
</row>
222222

223+
<row>
224+
<entry><link linkend="catalog-pg-parameter-acl"><structname>pg_parameter_acl</structname></link></entry>
225+
<entry>configuration parameters for which privileges have been granted</entry>
226+
</row>
227+
223228
<row>
224229
<entry><link linkend="catalog-pg-partitioned-table"><structname>pg_partitioned_table</structname></link></entry>
225230
<entry>information about partition key of tables</entry>
@@ -5450,6 +5455,74 @@ SCRAM-SHA-256$<replaceable>&lt;iteration count&gt;</replaceable>:<replaceable>&l
54505455
</sect1>
54515456

54525457

5458+
<sect1 id="catalog-pg-parameter-acl">
5459+
<title><structname>pg_parameter_acl</structname></title>
5460+
5461+
<indexterm zone="catalog-pg-parameter-acl">
5462+
<primary>pg_parameter_acl</primary>
5463+
</indexterm>
5464+
5465+
<para>
5466+
The catalog <structname>pg_parameter_acl</structname> records configuration
5467+
parameters for which privileges have been granted to one or more roles.
5468+
No entry is made for parameters that have default privileges.
5469+
</para>
5470+
5471+
<para>
5472+
Unlike most system catalogs, <structname>pg_parameter_acl</structname>
5473+
is shared across all databases of a cluster: there is only one
5474+
copy of <structname>pg_parameter_acl</structname> per cluster, not
5475+
one per database.
5476+
</para>
5477+
5478+
<table>
5479+
<title><structname>pg_parameter_acl</structname> Columns</title>
5480+
<tgroup cols="1">
5481+
<thead>
5482+
<row>
5483+
<entry role="catalog_table_entry"><para role="column_definition">
5484+
Column Type
5485+
</para>
5486+
<para>
5487+
Description
5488+
</para></entry>
5489+
</row>
5490+
</thead>
5491+
5492+
<tbody>
5493+
<row>
5494+
<entry role="catalog_table_entry"><para role="column_definition">
5495+
<structfield>oid</structfield> <type>oid</type>
5496+
</para>
5497+
<para>
5498+
Row identifier
5499+
</para></entry>
5500+
</row>
5501+
5502+
<row>
5503+
<entry role="catalog_table_entry"><para role="column_definition">
5504+
<structfield>parname</structfield> <type>text</type>
5505+
</para>
5506+
<para>
5507+
The name of a configuration parameter for which privileges are granted
5508+
</para></entry>
5509+
</row>
5510+
5511+
<row>
5512+
<entry role="catalog_table_entry"><para role="column_definition">
5513+
<structfield>paracl</structfield> <type>aclitem[]</type>
5514+
</para>
5515+
<para>
5516+
Access privileges; see <xref linkend="ddl-priv"/> for details
5517+
</para></entry>
5518+
</row>
5519+
5520+
</tbody>
5521+
</tgroup>
5522+
</table>
5523+
</sect1>
5524+
5525+
54535526
<sect1 id="catalog-pg-partitioned-table">
54545527
<title><structname>pg_partitioned_table</structname></title>
54555528

@@ -12747,7 +12820,8 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx
1274712820
<filename>postgresql.conf</filename> without restarting the server.
1274812821
They can also be set for a particular session in the connection request
1274912822
packet (for example, via <application>libpq</application>'s <literal>PGOPTIONS</literal>
12750-
environment variable), but only if the connecting user is a superuser.
12823+
environment variable), but only if the connecting user is a superuser
12824+
or has been granted the appropriate <literal>SET</literal> privilege.
1275112825
However, these settings never change in a session after it is started.
1275212826
If you change them in <filename>postgresql.conf</filename>, send a
1275312827
<systemitem>SIGHUP</systemitem> signal to the postmaster to cause it to
@@ -12781,6 +12855,7 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx
1278112855
<para>
1278212856
These settings can be set from <filename>postgresql.conf</filename>,
1278312857
or within a session via the <command>SET</command> command; but only superusers
12858+
and users with the appropriate <literal>SET</literal> privilege
1278412859
can change them via <command>SET</command>. Changes in
1278512860
<filename>postgresql.conf</filename> will affect existing sessions
1278612861
only if no session-local value has been established with <command>SET</command>.

0 commit comments

Comments
 (0)