Re: Directory/File Access Permissions for COPY and Generic File Access Functions - Mailing list pgsql-hackers

From Robert Haas
Subject Re: Directory/File Access Permissions for COPY and Generic File Access Functions
Date
Msg-id CA+Tgmoa+94YqO+zzOp6f-ZByi=wPiLx1fMxuZ-pWGRJhfrD3Xg@mail.gmail.com
Whole thread Raw
In response to Re: Directory/File Access Permissions for COPY and Generic File Access Functions  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Directory/File Access Permissions for COPY and Generic File Access Functions
List pgsql-hackers
On Wed, Oct 29, 2014 at 6:50 AM, Stephen Frost <sfrost@snowman.net> wrote:
> This could work though.  We could add an array to pg_authid which is a
> complex type that combines the permission allowed with the directory
> somehow.  Feels like it might get a bit clumsy though.

Sure, I'm just throwing things out to see what sticks.  It would be
helpful to have more input from others on what they like and dislike,
too; I'm not pretending my input is Gospel.

> One other thing occured to me while I was considering Peter's idea about
> using the 'DIRALIAS' name- replicas and/or database migrations.
> pg_basebackup always really annoyed me that you had to have your
> tablespace directories set up *exactly* the same way when doing the
> restore.  That stinks.  If we actually used the DIRALIAS name then
> sysadmins could abstract out the location and could handle migrations
> and/or changes to the filesystem structure without having to bother the
> DBAs to update their code to the new location.  That's not something the
> other RDBMS's have that I could see, but it strikes me as a nice
> capability anyway and, well, we're certainly not limited to just
> implementing what others have.

Of course, any design that stores paths in the system catalogs is
going to have the problem that the standby will perforce have the same
configuration as the master.

I'm fuzzy on how you see DIRALIAS helping with tablespace migrations,
etc.  There's no obvious way to make a tablespace definition reference
an alias rather than a pathname; it's just a filesystem-level symlink.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company



pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: WITH CHECK and Column-Level Privileges
Next
From: Stephen Frost
Date:
Subject: Re: Directory/File Access Permissions for COPY and Generic File Access Functions