Re: Add default role 'pg_access_server_files' - Mailing list pgsql-hackers

From Thomas Munro
Subject Re: Add default role 'pg_access_server_files'
Date
Msg-id CAEepm=1XEtC4f1WZy66vytKX-tt1r5rvjLcpXdEDA305vdw5hQ@mail.gmail.com
Whole thread Raw
In response to Add default role 'pg_access_server_files'  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Add default role 'pg_access_server_files'
List pgsql-hackers
On Mon, Jan 1, 2018 at 8:19 AM, Stephen Frost <sfrost@snowman.net> wrote:
> Greetings,
>
> This patch adds a new default role called 'pg_access_server_files' which
> allows an administrator to GRANT to a non-superuser role the ability to
> access server-side files through PostgreSQL (as the user the database is
> running as).  By itself, having this role allows a non-superuser to use
> server-side COPY and to use file_fdw (if installed by a superuser and
> GRANT'd USAGE on it).

Hi Stephen,

Not sure if you are aware of this failure?

test file_fdw                 ... FAILED

Because:

! ERROR: only superuser can change options of a file_fdw foreign table
...
! ERROR: only superuser or a member of the pg_access_server_files role
can change options of a file_fdw foreign table

-- 
Thomas Munro
http://www.enterprisedb.com


pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: [HACKERS] Support to COMMENT ON DATABASE CURRENT_DATABASE
Next
From: Peter Geoghegan
Date:
Subject: Re: [HACKERS] Parallel tuplesort (for parallel B-Tree index creation)