From: | Takahiro Itagaki <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> |
---|---|
To: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Greg Smith <greg(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Largeobject Access Controls (r2460) |
Date: | 2010-01-21 10:42:30 |
Message-ID: | 20100121194229.D1AA.52131E4D@oss.ntt.co.jp |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> wrote:
> > I'm not sure whether we need to make groups for each owner of large objects.
> > If I remember right, the primary issue was separating routines for dump
> > BLOB ACLS from routines for BLOB COMMENTS, right? Why did you make the change?
>
> When --use-set-session-authorization is specified, pg_restore tries to
> change database role of the current session just before creation of
> database objects to be restored.
>
> Ownership of the database objects are recorded in the section header,
> and it informs pg_restore who should be owner of the objects to be
> restored in this section.
>
> Then, pg_restore can generate ALTER xxx OWNER TO after creation, or
> SET SESSION AUTHORIZATION before creation in runtime.
> So, we cannot put creation of largeobjects with different ownership
> in same section.
>
> It is the reason why we have to group largeobjects by database user.
Ah, I see.
Then... What happen if we drop or rename roles who have large objects
during pg_dump? Does the patch still work? It uses pg_get_userbyid().
Regards,
---
Takahiro Itagaki
NTT Open Source Software Center
From | Date | Subject | |
---|---|---|---|
Next Message | Thom Brown | 2010-01-21 10:54:02 | Re: 8.5 vs. 9.0 |
Previous Message | Dave Page | 2010-01-21 10:39:39 | Re: 8.5 vs. 9.0 |