Re: upgrade failure from 9.5 to head

From: Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Andres Freund <andres(at)anarazel(dot)de>, Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: upgrade failure from 9.5 to head
Date: 2015-07-29 15:47:51
Message-ID: 20150729154751.GH2441@postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:

> > Ick! So the dummy_seclabel test more or less only works by accident if I
> > see that correctly. The .so is only loaded because the CREATE EXTENSION
> > in the test triggers a CREATE FUNCTION dummy_seclabel_dummy() ... LANG
> > C.

I set it up that way on purpose, because there doesn't seem to be any
other reasonable way. (It wasn't like that in the original contrib
module).

> But on reflection, doesn't this mean that the entire implementation of
> SECURITY LABEL is broken?

Heck, see the *very first* hunk of this patch:
https://www.postgresql.org/message-id/CACACo5R4VwGddt00qtPmhUhtd%3Dokwu2ECM-j20B6%2BcmgtZF6mQ%40mail.gmail.com
This was found to be necessary during deparsing of SECURITY LABEL
command, and only of that command -- all other DDL is able to pass back
the OID of the corresponding object, so that the deparsing code can look
up the object in catalogs. But for security label providers there is no
catalog, and there is no way to obtain the identify of the label
provider that I can see. Thus the ugly hack in the patch: the parse
node has to be altered during execution to make sure the provider is
correctly set up for deparse to be able to obtain it.

That to me seemed pretty broken, but I found no better way.

I don't think this is dummy_seclabel's fault.

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Joe Conway 2015-07-29 15:52:46 Re: more RLS oversights
Previous Message Joe Conway 2015-07-29 15:46:01 Re: more RLS oversights