Re: Predefined role pg_maintenance for VACUUM, ANALYZE, CHECKPOINT.

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Stephen Frost <sfrost@snowman.net>
Cc: Bharath Rupireddy <bharath.rupireddyforpostgres@gmail.com>, Jeff Davis <pgsql@j-davis.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2021-10-25T17:51:56Z
Lists: pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes:
> Independent of other things, getting to the point where everything can
> be done in the database without the need for superuser is absolutely a
> good goal to be striving for, not something to be avoiding.
> I don't think that makes superuser become 'dummy', but perhaps the
> only explicit superuser check we end up needing is "superuser is a
> member of all roles".  That would be a very cool end state.

I'm not entirely following how that's going to work.  It implies that
there is some allegedly-not-superuser role that has the ability to
become superuser -- either within SQL or by breaking out to the OS --
because certainly a superuser can do those things.

I don't think we're serving any good purpose by giving people the
impression that roles with such permissions are somehow not
superuser-equivalent.  Certainly, the providers who don't want to
give users superuser are just going to need a longer list of roles
they won't give access to (and they probably won't be pleased about
having to vet every predefined role carefully).

			regards, tom lane



Commits

  1. Add pg_checkpointer predefined role for CHECKPOINT command.