Re: SYSTEM_USER reserved word implementation

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Joe Conway <mail@joeconway.com>
Cc: "Drouvot, Bertrand" <bdrouvot@amazon.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2022-06-22T15:15:23Z
Lists: pgsql-hackers
Joe Conway <mail@joeconway.com> writes:
> On 6/22/22 10:51, Tom Lane wrote:
>> My immediate guess would be that the SQL committee only intends
>> to deal in SQL role names and therefore SYSTEM_USER is defined
>> to return one of those, but I've not gone looking in the spec
>> to be sure.

> I only have a draft copy, but in SQL 2016 I find relatively thin 
> documentation for what SYSTEM_USER is supposed to represent:

>    The value specified by SYSTEM_USER is equal to an
>    implementation-defined string that represents the
>    operating system user who executed the SQL-client
>    module that contains the externally-invoked procedure
>    whose execution caused the SYSTEM_USER <general value
>    specification> to be evaluated.

Huh.  Okay, if it's implementation-defined then we can define it
as "whatever auth.c put into authn_id".  Objection withdrawn.

			regards, tom lane



Commits

  1. Introduce SYSTEM_USER

  2. Add some information about authenticated identity via log_connections