BUG #16795: Can't give "grant execute on pg_start_backup to .." - Mailing list pgsql-bugs
From | PG Bug reporting form |
---|---|
Subject | BUG #16795: Can't give "grant execute on pg_start_backup to .." |
Date | |
Msg-id | 16795-0d02ad33c474bfbe@postgresql.org Whole thread Raw |
Responses |
Re: BUG #16795: Can't give "grant execute on pg_start_backup to .."
|
List | pgsql-bugs |
The following bug has been logged on the website: Bug reference: 16795 Logged by: Ken Email address: ken.karma@gmail.com PostgreSQL version: 13.1 Operating system: CentOS Linux release 7.9.2009 Description: I'm want to make backup user who haven't SUPERUSER, but have "Replication" role what must be enough, in document: 25.3.3.1. Making a Non-Exclusive Low-Level Backup A non-exclusive low level backup is one that allows other concurrent backups to be running (both those started using the same backup API and those started using pg_basebackup). Ensure that WAL archiving is enabled and working. Connect to the server (it does not matter which database) as a user with rights to run pg_start_backup (superuser, or a user who has been granted EXECUTE on the function) and issue the command: SELECT pg_start_backup('label', false, false); But I can't give this grant: psql -U postgres psql (13.1) Type "help" for help. postgres=# create role backup replication login; CREATE ROLE postgres=# grant pg_read_all_settings to backup ; GRANT ROLE postgres=# grant SELECT on pg_start_backup to backup ; ERROR: relation "pg_start_backup" does not exist postgres=# grant EXECUTE on pg_catalog.pg_start_backup to backup ; ERROR: relation "pg_catalog.pg_start_backup" does not exist postgres=# grant SELECT on pg_catalog.pg_start_backup to backup ; ERROR: relation "pg_catalog.pg_start_backup" does not exist postgres=# select pg_start_backup('Daily backup'); pg_start_backup ----------------- 0/10000028 (1 row) postgres=# \df pg_start_backup ; List of functions Schema | Name | Result data type | Argument data types | Type ------------+-----------------+------------------+------------------------------------------------------------------------+------ pg_catalog | pg_start_backup | pg_lsn | label text, fast boolean DEFAULT false, exclusive boolean DEFAULT true | func (1 row) [root@host.test.mta ~]# psql -U backup postgres psql (13.1) Type "help" for help. postgres=> select pg_start_backup('Daily backup'); ERROR: permission denied for function pg_start_backup postgres=> \du+ List of roles Role name | Attributes | Member of | Description -----------+------------------------------------------------------------+------------------------+------------- backup | Replication | {pg_read_all_settings} | postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {} | In PostrgreSQL log: 2020-12-28 19:20:07.696 EET postgres postgres [10076]ERROR: relation "pg_catalog.pg_start_backup" does not exist 2020-12-28 19:20:07.696 EET postgres postgres [10076]STATEMENT: grant EXECUTE on pg_catalog.pg_start_backup to backup ; 2020-12-28 19:21:48.853 EET postgres postgres [10076]ERROR: relation "pg_catalog.pg_start_backup" does not exist 2020-12-28 19:21:48.853 EET postgres postgres [10076]STATEMENT: grant SELECT on pg_catalog.pg_start_backup to backup ; 2020-12-28 20:18:30.281 EET postgres backup [12482]ERROR: permission denied for function pg_start_backup 2020-12-28 20:18:30.281 EET postgres backup [12482]STATEMENT: select pg_start_backup('Daily backup'); Do I miss something, why can't I give execute on pg_start_backup to user backup?
pgsql-bugs by date: