| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Robins Tharakan <tharakan(at)gmail(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Allow pg_dumpall to work without pg_authid |
| Date: | 2017-02-18 23:08:33 |
| Message-ID: | 20170218230833.GA9812@tamriel.snowman.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
* Robins Tharakan (tharakan(at)gmail(dot)com) wrote:
> I would like to work on a patch to accommodate restricted environments
> (such as AWS RDS Postgres) which don't allow pg_authid access since their
> definition of Superuser is just a regular user with extra permissions.
>
> Would you consider a patch to add a flag to work around this restriction,
> Or, do you prefer that this be maintained outside core?
>
> I could add a flag such as --avoid-pgauthid (am open to options) that skips
> pg_authid and uses pg_user (but essentially resets all User passwords).
> Mostly this is better than not being able to get the dump at all.
If anything, it should use pg_roles, not pg_user.
I don't really like the "--avoid-pgauthid" option, but "--no-passwords"
would probably work.
In general, this seems like a reasonable thing to add support for.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2017-02-18 23:27:59 | Re: [COMMITTERS] pgsql: Add new function dsa_allocate0. |
| Previous Message | Stephen Frost | 2017-02-18 23:06:07 | Re: logical replication access control patches |