Postgres Pro
Downloads
Home   >   mailing lists

Thread: pg_shadow dump annoying problem

pg_shadow dump annoying problem

From
Gaetano Mendola
Date:
Hi all,
doing a postgres dump I a couple of time in an
annoying problem:

# pg_dumpall -g > pg_user.sql
# head -n 12 pg_user.sql
--
-- PostgreSQL database cluster dump
--

\connect "template1"

--
-- Users
--

DELETE FROM pg_shadow WHERE usesysid <> (SELECT datdba FROM pg_database
WHERE datname = 'template0');




Now if the file pg_user.sql is used accidentally by a user that is not
postgres the result is that all users are deleted ( also the user that
is doing the restore ) and no other user is created.

May be the "DELETE" phase shall be:

DELETE FROM pg_shadow WHERE usesysid <> (SELECT datdba FROM pg_database
WHERE datname = 'template0') AND usename <> current_user;

am I miss something ?

Regards
Gaetano Mendola

Re: pg_shadow dump annoying problem

From
Tom Lane
Date:
Gaetano Mendola <mendola@bigfoot.com> writes:
> [ pg_dumpall emits this: ]
> DELETE FROM pg_shadow WHERE usesysid <> (SELECT datdba FROM pg_database
> WHERE datname = 'template0');

> Now if the file pg_user.sql is used accidentally by a user that is not
> postgres the result is that all users are deleted ( also the user that
> is doing the restore ) and no other user is created.

How so?  If that deletes all users then you have already removed the
user who owns template0, ie, the user who did initdb.  That is a really
bad idea.

            regards, tom lane

Re: pg_shadow dump annoying problem

From
Gaetano Mendola
Date:
Tom Lane wrote:
> Gaetano Mendola <mendola@bigfoot.com> writes:
>
>>[ pg_dumpall emits this: ]
>>DELETE FROM pg_shadow WHERE usesysid <> (SELECT datdba FROM pg_database
>>WHERE datname = 'template0');
>
>
>>Now if the file pg_user.sql is used accidentally by a user that is not
>>postgres the result is that all users are deleted ( also the user that
>>is doing the restore ) and no other user is created.
>
>
> How so?  If that deletes all users then you have already removed the
> user who owns template0, ie, the user who did initdb.  That is a really
> bad idea.

I didn't say this, I just wrote that if the file generated is used
by a user different the postgres will result in a disaster, and may be is
better not delete all the user except the user that own template0 but
not delete the user that own template0 and the current_user.


Regards
Gaetano Mendola