| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | andrewbille(at)gmail(dot)com, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #17346: pg_upgrade fails with role granted by other role |
| Date: | 2021-12-27 16:18:33 |
| Message-ID: | 143467F6-5C5E-47F5-9375-5C769DD968D6@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
> On 27 Dec 2021, at 17:07, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
>> After the commit:
>
>> commit 371087d006e04991080bf17cf2287db38d3ea92e
>> Author: Daniel Gustafsson <dgustafsson(at)postgresql(dot)org>
>> Date: Fri Nov 26 14:02:01 2021 +0100
>> Fix GRANTED BY support in REVOKE ROLE statements
>
>> pg_upgrade for example from 10.19 version causes the error:
>
> Yeah, you don't even need pg_upgrade. Just do
>
> regression=# CREATE ROLE user1; CREATE ROLE user2; GRANT user1 TO user2 GRANTED BY user1;
> CREATE ROLE
> CREATE ROLE
> ERROR: grantor must be current user
>
> A superuser, or really anyone who's a member of the user1 role,
> ought to be able to do that (especially since it used to be allowed).
> So it seems the permissions check was coded incorrectly.
>
> regards, tom lane
Thanks for the report, I’m OOO until late tonight but I’ll have a look when in.
cheers ./daniel
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2021-12-27 22:17:18 | Re: BUG #17346: pg_upgrade fails with role granted by other role |
| Previous Message | Tom Lane | 2021-12-27 16:02:27 | Re: BUG #17346: pg_upgrade fails with role granted by other role |