From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Erik Jones <erik(at)myemma(dot)com> |
Cc: | Justin Pasher <justinp(at)newmediagateway(dot)com>, pgsql-general(at)postgresql(dot)org |
Subject: | Re: Clearing old user ids completely |
Date: | 2008-01-15 23:54:52 |
Message-ID: | 15141.1200441292@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Erik Jones <erik(at)myemma(dot)com> writes:
> You can build and EXECUTE the ALTER TABLE commands in a function of a
> few lines. With regards to removing the faulty permissions, will
> REVOKE not work if the user doesn't exist in the system anymore (I
> honestly don't know much about pre-8.0 behaviours)? If not take a
> look at the aclitem functions in the pg_catalog schema (in psql: \df
> *acl*), they may be what you're looking for.
Yeah, getting rid of references to the user in ACL lists is going to
be the main pain-in-the-neck here. Ownership is relatively easy to fix
with direct updates on the catalog owner columns (and in 7.4 there's
by definition nothing behind-the-scenes in dependency tables). I
can't think of any equally easy fix for ACL references though, because
the available SQL-level operations on aclitem arrays are pretty weak.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Justin Pasher | 2008-01-15 23:55:19 | Re: Clearing old user ids completely |
Previous Message | Sim Zacks | 2008-01-15 23:54:39 | Re: 8.2.4 serious slowdown |