| From: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com> |
|---|---|
| To: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
| Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: Non-superuser subscription owners |
| Date: | 2021-11-18 15:45:13 |
| Message-ID: | 568C890F-C554-4A94-B6D1-341610121E03@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On Nov 18, 2021, at 3:37 AM, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> wrote:
>
>> I have rethought my prior analysis. The problem in the previous patch was that the subscription apply workers did not check for a change in ownership the way they checked for other changes, instead only picking up the new ownership information when the worker restarted for some other reason. This next patch set fixes that. The application of a change record may continue under the old ownership permissions when a concurrent command changes the ownership of the subscription, but the worker will pick up the new permissions before applying the next record.
>>
>
> Are you talking about the below change in the above paragraph?
>
> @@ -2912,6 +2941,7 @@ maybe_reread_subscription(void)
> strcmp(newsub->slotname, MySubscription->slotname) != 0 ||
> newsub->binary != MySubscription->binary ||
> newsub->stream != MySubscription->stream ||
> + newsub->owner != MySubscription->owner ||
> !equal(newsub->publications, MySubscription->publications))
> {
>
> If so, I am not sure how it will ensure that we check the ownership
> change before applying each change? I think this will be invoked at
> each transaction boundary, so, if there is a transaction with a large
> number of changes, all the changes will be processed under the
> previous owner.
Yes, your analysis appears correct. I was sloppy to say "before applying the next record". It will pick up the change before applying the next transaction.
The prior version of the patch only picked up the change if it happened to start a new worker, but could process multiple transactions without noticing the change. Now, it is limited to finishing the current transaction. Would you prefer that the worker noticed the change in ownership and aborted the transaction on the subscriber side? Or should the ALTER SUBSCRIPTION..OWNER TO block? I don't see much advantage to either of those options, but I also don't think I have any knock-down argument for my approach either. What do you think?
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2021-11-18 16:05:04 | Re: Should rename "startup process" to something else? |
| Previous Message | Mark Dilger | 2021-11-18 15:33:53 | Re: Non-superuser subscription owners |