Re: pg_ls_dir & friends still have a hard-coded superuser check

On 27 January 2017 at 14:09, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> On Fri, Jan 27, 2017 at 1:18 PM, Simon Riggs <simon(at)2ndquadrant(dot)com> wrote:
>
>> If the monitoring tool requires superuser then that is a problem, so
>> it would be helpful if it didn't do that, please. Not much use having
>> a cool tool if it don't work with the server.
>
> Sure, that's what I want - to provide the management and monitoring
> capabilities without requiring superuser. Limiting the capability of
> the tools is not an option when you talk to users - however for some
> of them, having to use full superuser accounts is a problem as well
> (especially for those who are used to other DBMSs that do offer more
> fine-grained permissions).
>
>> The management and monitoring tool could be more specific about what
>> it actually needs, rather than simply requesting generic read and
>> write against the filesystem. Then we can put those specific things
>> into the server and we can all be happy. Again, a detailed list would
>> help here.
>
> Agreed - I do need to do that, and it's on my (extremely long) list.
> I'm just chiming in on this thread as requested!

So I think it would be useful to have two modes in tools, one where
they know they have superuser and one where they know we don't have
it. At least we'll know we can't do certain things rather than just
have them fail.

--
Simon Riggs http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services