| From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | Ted Yu <yuzhihong(at)gmail(dot)com>, Pavel Luzanov <p(dot)luzanov(at)postgrespro(dot)ru>, Justin Pryzby <pryzby(at)telsasoft(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX |
| Date: | 2023-01-13 21:30:28 |
| Message-ID: | e25c84fafae4eb08d8a6e83207678096bac102d6.camel@j-davis.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, 2023-01-13 at 12:33 -0800, Nathan Bossart wrote:
> That would fix the problem in the original complaint, but it wouldn't
> allow
> for vacuuming toast tables directly if you only have MAINTAIN
> privileges on
> the main relation. If you can vacuum the toast table indirectly via
> the
> main relation, shouldn't it be possible to vacuum it directly?
Perhaps, but that's barely supported today: you have to awkwardly find
the internal toast table name yourself, and you need the admin to grant
you USAGE on the pg_toast schema. I don't think we're obligated to also
support this hackery for non-owners with a new MAINTAIN privilege.
If we care about that use case, let's do it right and have forms of
VACUUM/CLUSTER/REINDEX that check permissions on the main table, skip
the work on the main table, and descend directly to the toast tables.
That doesn't seem hard, but it's a separate patch.
Right now, we should simply fix the problem.
--
Jeff Davis
PostgreSQL Contributor Team - AWS
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2023-01-13 21:59:56 | Re: Decoupling antiwraparound autovacuum from special rules around auto cancellation |
| Previous Message | Andres Freund | 2023-01-13 20:59:33 | Re: Reduce timing overhead of EXPLAIN ANALYZE using rdtsc? |