Re: Predefined role pg_maintenance for VACUUM, ANALYZE, CHECKPOINT.
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Andres Freund <andres@anarazel.de>
Cc: Jeff Davis <pgsql@j-davis.com>, Stephen Frost <sfrost@snowman.net>, "Bossart, Nathan" <bossartn@amazon.com>, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>,
Alvaro Herrera <alvherre@alvh.no-ip.org>, Bharath Rupireddy <bharath.rupireddyforpostgres@gmail.com>
Date: 2021-11-05T12:54:37Z
Lists: pgsql-hackers
On Thu, Nov 4, 2021 at 6:46 PM Andres Freund <andres@anarazel.de> wrote: > What about extending GRANT to allow to grant rights on commands? Yes, it'd be > a bit of work to make that work in the catalogs, but it doesn't seem too hard > to tackle. I think that there aren't too many commands where the question is just whether you can execute the command or not. CHECKPOINT is one that does work that way, but if it's VACUUM or ANALYZE the question will be whether you can run it on a particular table; if it's ALTER SYSTEM it will be whether you can run it for that GUC; and so on. CHECKPOINT is one of the few commands that has no target. -- Robert Haas EDB: http://www.enterprisedb.com
Commits
-
Add pg_checkpointer predefined role for CHECKPOINT command.
- 4168a4745492 15.0 landed