| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Erik Jones <erik(at)myemma(dot)com> |
| Cc: | Justin Pasher <justinp(at)newmediagateway(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Clearing old user ids completely |
| Date: | 2008-01-15 23:54:52 |
| Message-ID: | 15141.1200441292@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Erik Jones <erik(at)myemma(dot)com> writes:
> You can build and EXECUTE the ALTER TABLE commands in a function of a
> few lines. With regards to removing the faulty permissions, will
> REVOKE not work if the user doesn't exist in the system anymore (I
> honestly don't know much about pre-8.0 behaviours)? If not take a
> look at the aclitem functions in the pg_catalog schema (in psql: \df
> *acl*), they may be what you're looking for.
Yeah, getting rid of references to the user in ACL lists is going to
be the main pain-in-the-neck here. Ownership is relatively easy to fix
with direct updates on the catalog owner columns (and in 7.4 there's
by definition nothing behind-the-scenes in dependency tables). I
can't think of any equally easy fix for ACL references though, because
the available SQL-level operations on aclitem arrays are pretty weak.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Justin Pasher | 2008-01-15 23:55:19 | Re: Clearing old user ids completely |
| Previous Message | Sim Zacks | 2008-01-15 23:54:39 | Re: 8.2.4 serious slowdown |