From 42b3349513dfbffd52cc488942dded6a2a63b1fc Mon Sep 17 00:00:00 2001 From: Bharath Rupireddy Date: Wed, 13 Oct 2021 06:09:18 +0000 Subject: [PATCH v2] change privileges of pg_backend_memory_contexts and pg_shmem_allocations In a typical production environment, the user (not necessarily a superuser) wants to analyze the memory usage via pg_backend_memory_contexts view or pg_shmem_allocations view which are accessible to only superusers. This patch allows non-superusers with a predefined role pg_read_all_stats to access them. While on this, change the way the tests use pg_log_backend_memory_contexts() Usually for functions, we don't use "SELECT-FROM-<>", we just use "SELECT-<>". --- src/backend/catalog/system_views.sql | 4 +++ src/test/regress/expected/misc_functions.out | 2 +- src/test/regress/expected/privileges.out | 38 ++++++++++++++++++++ src/test/regress/sql/misc_functions.sql | 2 +- src/test/regress/sql/privileges.sql | 33 +++++++++++++++++ 5 files changed, 77 insertions(+), 2 deletions(-) diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index 55f6e3711d..eb560955cd 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -621,13 +621,17 @@ CREATE VIEW pg_shmem_allocations AS SELECT * FROM pg_get_shmem_allocations(); REVOKE ALL ON pg_shmem_allocations FROM PUBLIC; +GRANT SELECT ON pg_shmem_allocations TO pg_read_all_stats; REVOKE EXECUTE ON FUNCTION pg_get_shmem_allocations() FROM PUBLIC; +GRANT EXECUTE ON FUNCTION pg_get_shmem_allocations() TO pg_read_all_stats; CREATE VIEW pg_backend_memory_contexts AS SELECT * FROM pg_get_backend_memory_contexts(); REVOKE ALL ON pg_backend_memory_contexts FROM PUBLIC; +GRANT SELECT ON pg_backend_memory_contexts TO pg_read_all_stats; REVOKE EXECUTE ON FUNCTION pg_get_backend_memory_contexts() FROM PUBLIC; +GRANT EXECUTE ON FUNCTION pg_get_backend_memory_contexts() TO pg_read_all_stats; -- Statistics views diff --git a/src/test/regress/expected/misc_functions.out b/src/test/regress/expected/misc_functions.out index e845042d38..d0d584abb4 100644 --- a/src/test/regress/expected/misc_functions.out +++ b/src/test/regress/expected/misc_functions.out @@ -140,7 +140,7 @@ HINT: No function matches the given name and argument types. You might need to -- Furthermore, their contents can vary depending on the timing. However, -- we can at least verify that the code doesn't fail. -- -SELECT * FROM pg_log_backend_memory_contexts(pg_backend_pid()); +SELECT pg_log_backend_memory_contexts(pg_backend_pid()); pg_log_backend_memory_contexts -------------------------------- t diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index 83cff902f3..2f9d9cbdd0 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -2413,3 +2413,41 @@ REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; DROP USER regress_locktable_user; +-- test to check privileges of system views pg_shmem_allocations, +-- pg_backend_memory_contexts and function pg_log_backend_memory_contexts. +-- switch to superuser +\c - +CREATE ROLE regress_nosprusr_noreadallstats WITH NOSUPERUSER; +SET ROLE regress_nosprusr_noreadallstats; +-- The entire output of pg_backend_memory_contexts is not stable, +-- we test only the privileges and basic condition of TopMemoryContext. +SELECT name, ident, parent, level, total_bytes >= free_bytes + FROM pg_backend_memory_contexts WHERE level = 0; -- permission denied error +ERROR: permission denied for view pg_backend_memory_contexts +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; -- permission denied error +ERROR: permission denied for view pg_shmem_allocations +-- switch to superuser +\c - +CREATE ROLE regress_nosprusr_readallstats WITH NOSUPERUSER; +GRANT pg_read_all_stats TO regress_nosprusr_readallstats; +SET ROLE regress_nosprusr_readallstats; +-- The entire output of pg_backend_memory_contexts is not stable, +-- we test only the privileges and basic condition of TopMemoryContext. +SELECT name, ident, parent, level, total_bytes >= free_bytes + FROM pg_backend_memory_contexts WHERE level = 0; + name | ident | parent | level | ?column? +------------------+-------+--------+-------+---------- + TopMemoryContext | | | 0 | t +(1 row) + +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; + ok +---- + t +(1 row) + +-- switch to superuser +\c - +-- clean up +DROP ROLE regress_nosprusr_noreadallstats; +DROP ROLE regress_nosprusr_readallstats; diff --git a/src/test/regress/sql/misc_functions.sql b/src/test/regress/sql/misc_functions.sql index a398349afc..94bf995fe2 100644 --- a/src/test/regress/sql/misc_functions.sql +++ b/src/test/regress/sql/misc_functions.sql @@ -37,7 +37,7 @@ SELECT num_nulls(); -- Furthermore, their contents can vary depending on the timing. However, -- we can at least verify that the code doesn't fail. -- -SELECT * FROM pg_log_backend_memory_contexts(pg_backend_pid()); +SELECT pg_log_backend_memory_contexts(pg_backend_pid()); -- -- Test some built-in SRFs diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql index 3d1a1db987..b36a20c9a8 100644 --- a/src/test/regress/sql/privileges.sql +++ b/src/test/regress/sql/privileges.sql @@ -1476,3 +1476,36 @@ REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; DROP USER regress_locktable_user; + +-- test to check privileges of system views pg_shmem_allocations, +-- pg_backend_memory_contexts and function pg_log_backend_memory_contexts. + +-- switch to superuser +\c - + +CREATE ROLE regress_nosprusr_noreadallstats WITH NOSUPERUSER; +SET ROLE regress_nosprusr_noreadallstats; +-- The entire output of pg_backend_memory_contexts is not stable, +-- we test only the privileges and basic condition of TopMemoryContext. +SELECT name, ident, parent, level, total_bytes >= free_bytes + FROM pg_backend_memory_contexts WHERE level = 0; -- permission denied error +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; -- permission denied error + +-- switch to superuser +\c - + +CREATE ROLE regress_nosprusr_readallstats WITH NOSUPERUSER; +GRANT pg_read_all_stats TO regress_nosprusr_readallstats; +SET ROLE regress_nosprusr_readallstats; +-- The entire output of pg_backend_memory_contexts is not stable, +-- we test only the privileges and basic condition of TopMemoryContext. +SELECT name, ident, parent, level, total_bytes >= free_bytes + FROM pg_backend_memory_contexts WHERE level = 0; +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; + +-- switch to superuser +\c - + +-- clean up +DROP ROLE regress_nosprusr_noreadallstats; +DROP ROLE regress_nosprusr_readallstats; -- 2.25.1