Re: Glossary and initdb definition work for "superuser" and database/cluster - Mailing list pgsql-hackers

From Justin Pryzby
Subject Re: Glossary and initdb definition work for "superuser" and database/cluster
Date
Msg-id 20221102002025.GF16921@telsasoft.com
Whole thread Raw
In response to Glossary and initdb definition work for "superuser" and database/cluster  ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses Re: Glossary and initdb definition work for "superuser" and database/cluster
List pgsql-hackers
On Tue, Nov 01, 2022 at 03:47:15PM -0700, David G. Johnston wrote:
> Hey,
> 
> Recent threads have pointed out some long-standing doc language in initdb
> that could be made more precise, especially in light of the relatively
> recent addition of a glossary.  Toward this end I'm attaching a patch that
> defines three terms: "bootstrap superuser", "database superuser" and
> "superuser".  I didn't add any extra-glossary links for the later two but
> did for the limited-in-scope bootstrap superuser that is really only
> defined in initdb (actually, I suspect the authorization docs could use a
> link too but haven't gone looking for an appropriate place yet).
> 
> In passing I also changed a few places where the documentation says
> "database" when the thing being referred to is basically the file system
> data directory, which is a cluster-scoped thing.
> 
> I did some grep'ing, though another pass or two is probably worthwhile.
> For now I submit a preliminary patch for consideration and buy-in before
> trying to polish it up.

I think this is wrong:

| https://www.postgresql.org/docs/devel/app-initdb.html
| -U username
| --username=username
| 
|     Selects the user name of the database superuser. This defaults to
|     the name of the effective user running initdb [...]

It's true that the user who runs initdb is typically named "postgres",
but that's only by convention.

>+     This user owns all system catalog tables in each database.  It also is the role
>+     from which all granted permission originate.  Because of these things this
>+     role may not be dropped.

plural permissions

these comma

>+     While the <glossterm linkend="glossary-bootstrap-superuser">bootstrap superuser</glossterm> is
>+     a database superuser it has special obligations and restrictions that plain database superusers do not.

comma it

>+  <glossentry id="glossary-superuser">
>+   <glossterm>Superuser</glossterm>
>+   <glossdef>
>+    <para>
>+     As used in this documentation it is a synonym for

comma it

>    Creating a database cluster consists of creating the directories in
>-   which the database data will live, generating the shared catalog
>+   which the cluster data will live, generating the shared catalog

+1

>    tables (tables that belong to the whole cluster rather than to any
>-   particular database), and creating the <literal>postgres</literal>,
>-   <literal>template1</literal>, and <literal>template0</literal> databases.
>+   particular database), creating the <literal>postgres</literal>,
>+   <literal>template1</literal>, and <literal>template0</literal> databases,
>+   and creating the
>+   <glossterm linkend="glossary-bootstrap-superuser">boostrap superuser</glossterm>
>+   (<literal>postgres</literal>, by default).

"postgres" is wrong

>     For security reasons the new cluster created by <command>initdb</command>
>-    will only be accessible by the cluster owner by default.  The
>+    will only be accessible by the cluster user by default.  The

I prefer "cluster owner"

>         <command>initdb</command>, but you can avoid writing it by
>         setting the <envar>PGDATA</envar> environment variable, which
>         can be convenient since the database server
>-        (<command>postgres</command>) can find the database
>+        (<command>postgres</command>) can find the data
>         directory later by the same variable.

+1

>-        Makes <command>initdb</command> read the database superuser's password
>+        Makes <command>initdb</command> read the bootstrap superuser's password
>         from a file.  The first line of the file is taken as the password.

+1

>-        Safely write all database files to disk and exit.  This does not
>+        Safely write all database cluster files to disk and exit.  This does not

+1

>         It may be useful to adjust this size to control the granularity of
>-        WAL log shipping or archiving.  Also, in databases with a high volume
>+        WAL log shipping or archiving.  Also, in clusters with a high volume
>         of WAL, the sheer number of WAL files per directory can become a

+1



pgsql-hackers by date:

Previous
From: Simon Riggs
Date:
Subject: Re: Error for WITH options on partitioned tables
Next
From: Andres Freund
Date:
Subject: Re: Direct I/O