| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Erik Rijkers <er(at)xs4all(dot)nl>, Dimitri Fontaine <dimitri(at)2ndquadrant(dot)fr>, pgsql-hackers(at)postgresql(dot)org, Robert Haas <robertmhaas(at)gmail(dot)com>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
| Subject: | Re: erroneous restore into pg_catalog schema |
| Date: | 2013-01-14 16:55:46 |
| Message-ID: | 20130114165546.GE5106@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> writes:
> > Tom Lane escribi:
> >> I will bet that this is more breakage from the DDL-code refactoring that
> >> has been going on. I am getting closer and closer to wanting that
> >> reverted. KaiGai-san seems to have been throwing out lots of special
> >> cases that were there for good reasons.
>
> > Isn't this just a475c6036?
>
> Ah ... well, at least it was intentional. But still wrongheaded,
> as this example shows. What we should have done was what the commit
> message suggests, ie place a replacement check somewhere "upstream"
> where it would apply to all object types. First thought that comes to
> mind is to add a hack to pg_namespace_aclcheck, or maybe at some call
> site(s).
The attached patch seems to work:
alvherre=# create table pg_catalog.foo (a int);
ERROR: permission denied for schema pg_catalog
It passes regression tests for both core and contrib.
I notice that contrib/adminpack now fails, though (why doesn't this
module have a regression test?):
alvherre=# create extension adminpack;
ERROR: permission denied for schema pg_catalog
It sounds hard to support that without some other special hack. Not
sure what to do here. Have adminpack set allowSystemTableMods somehow?
I grepped for other occurences of "pg_catalog" in contrib SQL scripts,
and all other modules seem to work (didn't try sepgsql):
$ rgrep -l pg_catalog */*sql | cut -d/ -f1 | while read module; do echo module: $module; psql -c "create extension $module"; done
module: adminpack
ERROR: permission denied for schema pg_catalog
module: btree_gist
CREATE EXTENSION
module: btree_gist
ERROR: extension "btree_gist" already exists
module: citext
CREATE EXTENSION
module: citext
ERROR: extension "citext" already exists
module: intarray
CREATE EXTENSION
module: isn
CREATE EXTENSION
module: lo
CREATE EXTENSION
module: pg_trgm
CREATE EXTENSION
module: pg_trgm
ERROR: extension "pg_trgm" already exists
module: sepgsql
ERROR: could not open extension control file
"/home/alvherre/Code/pgsql/install/HEAD/share/extension/sepgsql.control":
No such file or directory
module: tcn
CREATE EXTENSION
module: test_parser
CREATE EXTENSION
module: tsearch2
CREATE EXTENSION
module: tsearch2
ERROR: extension "tsearch2" already exists
--
Alvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| Attachment | Content-Type | Size |
|---|---|---|
| pg-catalog-perms.patch | text/x-diff | 620 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2013-01-14 16:56:17 | Re: bugfix: --echo-hidden is not supported by \sf statements |
| Previous Message | Robert Haas | 2013-01-14 16:52:54 | Re: GIN over array of ENUMs |