Hi all,
As of now, file access functions in genfile.c can only be used by
superusers. This proposal is to relax those functions so as
replication users can use them as well. Here are the functions aimed
by this patch:
- pg_stat_file
- pg_read_binary_file
- pg_read_file
- pg_ls_dir
The main argument for this change is that pg_rewind makes use of those
functions, forcing users to use a superuser role when rewinding a
node. And with this patch, we could allow replication roles to do the
same. Another argument in favor of this change is to allow replication
users to dump directly the contents of PGDATA via SQL, though I don't
believe that there are many people doing so these days.
Also, replication roles can already have an access to the contents of
PGDATA by taking a base backup for example, so this change looks
logical to me, even if we filter out some files in a base backup,
though I could not find any arguments to not let a replication user
have a look at them via those functions. A patch is attached, I am
adding it as well to the next CF.
Regards,
--
Michael
