pgsql: In pg_dump, include pg_catalog and extension ACLs, if changed - Mailing list pgsql-committers

From Stephen Frost
Subject pgsql: In pg_dump, include pg_catalog and extension ACLs, if changed
Date
Msg-id E1anz15-0007py-DX@gemulon.postgresql.org
Whole thread Raw
List pgsql-committers
In pg_dump, include pg_catalog and extension ACLs, if changed

Now that all of the infrastructure exists, add in the ability to
dump out the ACLs of the objects inside of pg_catalog or the ACLs
for objects which are members of extensions, but only if they have
been changed from their original values.

The original values are tracked in pg_init_privs.  When pg_dump'ing
9.6-and-above databases, we will dump out the ACLs for all objects
in pg_catalog and the ACLs for all extension members, where the ACL
has been changed from the original value which was set during either
initdb or CREATE EXTENSION.

This should not change dumps against pre-9.6 databases.

Reviews by Alexander Korotkov, Jose Luis Tallon

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/23f34fa4ba358671adab16773e79c17c92cbc870

Modified Files
--------------
doc/src/sgml/extend.sgml                   |   21 +
src/backend/catalog/aclchk.c               |   17 +-
src/backend/utils/adt/pg_upgrade_support.c |   12 +
src/bin/initdb/initdb.c                    |    6 +-
src/bin/pg_dump/dumputils.c                |  274 ++++++-
src/bin/pg_dump/dumputils.h                |    9 +-
src/bin/pg_dump/pg_dump.c                  | 1077 +++++++++++++++++++++++-----
src/bin/pg_dump/pg_dump.h                  |   24 +
src/bin/pg_dump/pg_dumpall.c               |    6 +-
src/include/catalog/binary_upgrade.h       |    2 +
src/include/catalog/pg_proc.h              |    2 +
src/test/regress/expected/init_privs.out   |   13 +
src/test/regress/parallel_schedule         |    2 +-
src/test/regress/serial_schedule           |    1 +
src/test/regress/sql/init_privs.sql        |   11 +
15 files changed, 1268 insertions(+), 209 deletions(-)


pgsql-committers by date:

Previous
From: Stephen Frost
Date:
Subject: pgsql: Add new catalog called pg_init_privs
Next
From: Stephen Frost
Date:
Subject: pgsql: Use GRANT system to manage access to sensitive functions