| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SUBSCRIPTIONS and pg_upgrade |
| Date: | 2017-02-17 22:21:41 |
| Message-ID: | 20170217222141.GX9812@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter,
* Peter Eisentraut (peter(dot)eisentraut(at)2ndquadrant(dot)com) wrote:
> On 2/17/17 09:33, Stephen Frost wrote:
> >> One reason is that pg_subscription is only readable by a superuser, so
> >> we can't even dump them unless we're superuser.
> > Sure, but that's true of roles and other things.. On a system with RLS,
> > likely only the database superuser can actually read everything.
>
> There are some concurrent discussions about getting a list of
> subscriptions without having superuser. Once that is resolved, we'll
> likely have more options here, such as dumping only subscriptions you
> are owner of or something like that.
I certainly agree that we should provide a way to view subscriptions,
and perhaps do other things with them, without being a superuser.
I was going to suggest that it might make sense to have a role attribute
or a default role created for managing publications/subscriptions. It
seems like this should be independent of the existing replicaiton role
attribute, which is about physical replication.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2017-02-17 23:22:20 | Re: gitlab post-mortem: pg_basebackup waiting for checkpoint |
| Previous Message | Peter Eisentraut | 2017-02-17 22:19:12 | Re: SUBSCRIPTIONS and pg_upgrade |