Re: DROP OWNED BY fails to clean out pg_init_privs grants

It does happen with some regularity.

At least one large cloud database provider I know of saw this more
than once a month until the mitigations were integrated in the major
version upgrade process.

It is possible that making database upgrades easier via better
automation is what made this turn up more, as now less experienced /
non-DBA types are more comfortable doing the version upgrades, whereas
before it would be something done by a person who can also diagnose it
and manually fix pg_init_privs.

Still it would be nice to have some public support for users of
non-managed PostgreSQL databases as well

On Thu, Jun 20, 2024 at 8:25 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Hannu Krosing <hannuk(at)google(dot)com> writes:
> > Or perhaps we should still also patch pg_dump to ignore the aclentries
> > which refer to roles that do not exist in the database ?
>
> I didn't want to do that before, and I still don't. Given that this
> issue has existed since pg_init_privs was invented (9.6) without
> prior reports, I don't think it's a big enough problem in practice
> to be worth taking extraordinary actions for.
>
> regards, tom lane