| From: | Craig Ringer <craig(dot)ringer(at)2ndquadrant(dot)com> |
|---|---|
| To: | "Tsunakawa, Takayuki" <tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com> |
| Cc: | Andres Freund <andres(at)anarazel(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: Supporting huge pages on Windows |
| Date: | 2017-04-05 02:55:16 |
| Message-ID: | CAMsr+YELXMWLRVAWMhR-gJTd7wYTRwtM0xXnCy1v0Qpeu-uUAQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 5 April 2017 at 10:37, Tsunakawa, Takayuki
<tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com> wrote:
> Good point! And I said earlier in this thread, I think managing privileges (adding/revoking privileges from the user account) is the DBA's or sysadmin's duty, and PG's removing all privileges feels overkill.
I think it's a sensible alternative to refusing to run as a highly
privileged role, which is what we used to do IIRC.
> OTOH, I tried again to leave the DISABLE_MAX_PRIVILEGE as is and add Lock Pages in Memory, using the attached pg_ctl.c. Please see EnableLockPagesPrivilege() and its call site. But pg_ctl -w start fails emitting the following message:
That won't work. You'd have to pass 0 to the flags of
CreateRestrictedToken and instead supply a PrivilegesToDelete array.
You'd probably GetTokenInformation and AND with a mask of ones you
wanted to retain.
--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2017-04-05 03:09:42 | Re: Partition-wise join for join between (declaratively) partitioned tables |
| Previous Message | Vitaly Burovoy | 2017-04-05 02:53:56 | Re: identity columns |