New privileged roles which can SET and ALTER SYSTEM SET

From: Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>
Subject: New privileged roles which can SET and ALTER SYSTEM SET
Date: 2021-10-20 18:40:10
Message-ID: 0BE45772-31CF-4BE9-9FE8-FB7D8B130240@enterprisedb.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

These patches have been split off the now deprecated monolithic "Delegating superuser tasks to new security roles" thread at [1].

The purpose of these patches is to allow non-superusers to configure most aspects of a system, so long as they belong to the appropriate privileged role(s):

Attachment Content-Type Size
v1-0001-Allow-SET-and-ALTER-SYSTEM-SET-per-role.patch application/octet-stream 136.3 KB
v1-0002-Adding-role-pg_manage_host_resource_settings.patch application/octet-stream 21.9 KB
v1-0003-Adding-role-pg_manage_vacuum_settings.patch application/octet-stream 15.9 KB
v1-0004-Adding-role-pg_manage_autovacuum_settings.patch application/octet-stream 16.9 KB
v1-0005-Adding-role-pg_manage_logging_settings.patch application/octet-stream 41.9 KB
v1-0006-Adding-role-pg_manage_replication_settings.patch application/octet-stream 20.4 KB
v1-0007-Adding-role-pg_manage_connection_settings.patch application/octet-stream 23.7 KB
v1-0008-Adding-role-pg_manage_wal_settings.patch application/octet-stream 24.0 KB
v1-0009-Adding-role-pg_manage_query_tuning_settings.patch application/octet-stream 29.2 KB
v1-0010-Adding-role-pg_manage_stats_settings.patch application/octet-stream 24.9 KB
v1-0011-Adding-role-pg_manage_recovery_settings.patch application/octet-stream 16.2 KB
v1-0012-Adding-role-pg_manage_error_handling_settings.patch application/octet-stream 13.7 KB

Browse pgsql-hackers by date

  From Date Subject
Next Message Mark Dilger 2021-10-20 18:40:32 Non-superuser event trigger owners
Previous Message Mark Dilger 2021-10-20 18:39:52 Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)