From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Andres Freund <andres(at)anarazel(dot)de> |
Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, "Bossart, Nathan" <bossartn(at)amazon(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> |
Subject: | Re: Predefined role pg_maintenance for VACUUM, ANALYZE, CHECKPOINT. |
Date: | 2021-11-05 12:54:37 |
Message-ID: | CA+TgmoaAOg0pjBOP3Y0a8hj5L0=JV7gGcLgYTTpw3C5ZALJPVA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Nov 4, 2021 at 6:46 PM Andres Freund <andres(at)anarazel(dot)de> wrote:
> What about extending GRANT to allow to grant rights on commands? Yes, it'd be
> a bit of work to make that work in the catalogs, but it doesn't seem too hard
> to tackle.
I think that there aren't too many commands where the question is just
whether you can execute the command or not. CHECKPOINT is one that
does work that way, but if it's VACUUM or ANALYZE the question will be
whether you can run it on a particular table; if it's ALTER SYSTEM it
will be whether you can run it for that GUC; and so on. CHECKPOINT is
one of the few commands that has no target.
--
Robert Haas
EDB: http://www.enterprisedb.com
From | Date | Subject | |
---|---|---|---|
Next Message | Alvaro Herrera | 2021-11-05 13:13:11 | Re: Predefined role pg_maintenance for VACUUM, ANALYZE, CHECKPOINT. |
Previous Message | Robert Haas | 2021-11-05 12:42:58 | Re: Predefined role pg_maintenance for VACUUM, ANALYZE, CHECKPOINT. |