Re: [HACKERS] Re: [COMMITTERS] 'pgsql/src/bin/initdb initdb.sh'

Bruce Momjian <maillist@candle.pha.pa.us>

From: Bruce Momjian <maillist@candle.pha.pa.us>
To: jwieck@debis.com
Cc: scrappy@hub.org, hackers@postgreSQL.org
Date: 1998-02-23T20:55:12Z
Lists: pgsql-hackers
> 
> > > > I don't know if I like the new name db_user?  What do other people
> > > > think?  I thought pg_user_no_pwd would be nice.
> > > 
> > > 
> > > create view pg_users as ...
> > > ERROR:  Illegal class name: pg_users -- pg_ is reserved for system catalogs
> > 
> > Oops, yep.
> > 
> > I guess I just liked that the pg_ stuff was all system stuff.  Do you
> > get this error when creating it from postgres, as initdb does?  That
> > would be a solution.  Worked here.
> 
>     even if running postgres directly from pgsql account.

Here's what I did:

echo 'create view pg_x as select * from pg_user' |aspg postgres -F -Q -D
/u/pg/data template1

I am suggesting we do this in initdb, just like the others.
> 
>     But I think it's right to have views/tables named db_
>     or sys_ too. Other RDBMS's have them too (Oracle).
> 
>     And I don't know if ALL the places where IsSystemRelationName()
>     is used are happy with things that in fact aren't really
>     hardwired system catalogs.
> 
>     Just let's choose one prefix for all of them and use
>     that then. Maybe we would like to restrict the use of
>     this prefix to superusers only. As I think there could
>     be more information in the catalogs that we want to
>     hide from users in the future, a group of db_ views,
>     where all the completely open catalogs are just mapped
>     by SELECT * wouldn't be a bad idea.

Can I suggest pgview_ then?  Another problem is that a \d on an empty
database, \d is going to show this view, isn't it.  Kind of strange to
me.

I have a solution.  Create the view in initdb as pguser_no_pwd, then
after that execute an update statement on pg_class:

	update pg_class 
	set relname = 'pg_user_no_pwd'
	where relname = 'pguser_no_pwd';

We are using Jan's cache fix already.  I just tried it and it works. 
And it means it doesn't show up in \d, and a user can't accidentally
delete it.  Sounds like a real winner.


-- 
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)