Postgres Pro
Downloads
Home   >   mailing lists

Re: PG 16 draft release notes ready - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: PG 16 draft release notes ready
Date
Msg-id ZN2Hval7UFxl4MA6@momjian.us
Whole thread Raw
In response to Re: PG 16 draft release notes ready  (Bruce Momjian <bruce@momjian.us>)
Responses Re: PG 16 draft release notes ready
List pgsql-hackers
Tree view 
On Wed, Aug  9, 2023 at 08:35:21PM -0400, Bruce Momjian wrote:
> On Sat, Aug  5, 2023 at 04:08:47PM -0700, Noah Misch wrote:
> > > Author: Robert Haas <rhaas@postgresql.org>
> > > 2022-08-25 [e3ce2de09] Allow grant-level control of role inheritance behavior.
> > > -->
> > > 
> > > <listitem>
> > > <para>
> > > Allow GRANT to control role inheritance behavior (Robert Haas)
> > > </para>
> > > 
> > > <para>
> > > By default, role inheritance is controlled by the inheritance status of the member role.  The new GRANT clauses
WITHINHERIT and WITH ADMIN can now override this.
 
> > > </para>
> > > </listitem>
> > > 
> > > <!--
> > > Author: Robert Haas <rhaas@postgresql.org>
> > > 2023-01-10 [e5b8a4c09] Add new GUC createrole_self_grant.
> > > Author: Daniel Gustafsson <dgustafsson@postgresql.org>
> > > 2023-02-22 [e00bc6c92] doc: Add default value of createrole_self_grant
> > > -->
> > > 
> > > <listitem>
> > > <para>
> > > Allow roles that create other roles to automatically inherit the new role's rights or SET ROLE to the new role
(RobertHaas, Shi Yu)
 
> > > </para>
> > > 
> > > <para>
> > > This is controlled by server variable createrole_self_grant.
> > > </para>
> > > </listitem>
> > 
> > Similarly, v16 radically changes the CREATE ROLE ... WITH INHERIT clause.  The
> > clause used to "change the behavior of already-existing grants."  Let's merge
> > these two and move the combination to the incompatibilities section.
> 
> I need help with this.  I don't understand how they can be combined, and
> I don't understand the incompatibility text in commit e3ce2de09d:
> 
>     If a GRANT does not specify WITH INHERIT, the behavior based on
>     whether the member role is marked INHERIT or NOINHERIT. This means
>     that if all roles are marked INHERIT or NOINHERIT before any role
>     grants are performed, the behavior is identical to what we had before;
>     otherwise, it's different, because ALTER ROLE [NO]INHERIT now only
>     changes the default behavior of future grants, and has no effect on
>     existing ones.

I am waiting for an answer to this question, or can I assume the release
notes are acceptable?

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Only you can decide what is important to you.

pgsql-hackers by date:

Previous
From: Bruce Momjian
Date:
Subject: Re: PG 16 draft release notes ready
Next
From: Thomas Munro
Date:
Subject: Re: Rename ExtendedBufferWhat in 16?