Re: Allow pg_dumpall to work without pg_authid
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Robins Tharakan <tharakan@gmail.com>
Cc: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2017-02-18T23:08:33Z
Lists: pgsql-hackers
Greetings, * Robins Tharakan (tharakan@gmail.com) wrote: > I would like to work on a patch to accommodate restricted environments > (such as AWS RDS Postgres) which don't allow pg_authid access since their > definition of Superuser is just a regular user with extra permissions. > > Would you consider a patch to add a flag to work around this restriction, > Or, do you prefer that this be maintained outside core? > > I could add a flag such as --avoid-pgauthid (am open to options) that skips > pg_authid and uses pg_user (but essentially resets all User passwords). > Mostly this is better than not being able to get the dump at all. If anything, it should use pg_roles, not pg_user. I don't really like the "--avoid-pgauthid" option, but "--no-passwords" would probably work. In general, this seems like a reasonable thing to add support for. Thanks! Stephen
Commits
-
Fix dumping role comments when using --no-role-passwords
- d82cb467bbc2 12.19 landed
- be01c8c3450e 14.12 landed
- affc46b76d50 13.15 landed
- 7e65ad197f9d 17.0 landed
- 5863bacb87c1 16.3 landed
- 12128be623fd 15.7 landed