Re: pgsql: Revoke PUBLIC CREATE from public schema, now owned by pg_databas

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Noah Misch <noah(at)leadboat(dot)com>
Cc: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: Re: pgsql: Revoke PUBLIC CREATE from public schema, now owned by pg_databas
Date: 2021-12-17 17:52:39
Message-ID: 1363170.1639763559@sss.pgh.pa.us
Lists: pgsql-committers pgsql-hackers

Noah Misch <noah(at)leadboat(dot)com> writes:
> Revoke PUBLIC CREATE from public schema, now owned by pg_database_owner.

I've just stumbled across a testing problem created by this commit:
if you try to skip the tablespace test, the rest of the run falls
over, because this bit doesn't get executed:

-- Rest of this suite can use the public schema freely.
GRANT ALL ON SCHEMA public TO public;

Skipping the tablespace test is something I've been accustomed to do
when testing replication with the standby on the same machine as the
primary, because otherwise you've got to fool with keeping the
standby from overwriting the primary's tablespaces. This hack made
that a lot more painful.

I'm inclined to think the cleanest fix is to move this step into a
new script, say "test_setup.sql", that is scheduled by itself just
after tablespace.sql. It's sort of annoying to fire up a psql+backend
for just one command, but perhaps there's other stuff that could be
put there too.

Another possibility is to add that GRANT to the list of stuff that
pg_regress.c does by default. If there's actually reason for
tablespace.sql to run without that, it could revoke and re-grant
the public permissions. This way would have the advantage of
being less likely to break other test suites.

regards, tom lane
