Re: Extension Templates S03E11

From: Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Jeff Davis <pgsql(at)j-davis(dot)com>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Boszormenyi Zoltan <zb(at)cybertec(dot)at>, Thom Brown <thom(at)linux(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Extension Templates S03E11
Date: 2013-12-11 11:23:39
Message-ID: m24n6fws04.fsf@2ndQuadrant.fr
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi,

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Jeff Davis (pgsql(at)j-davis(dot)com) wrote:
>> What is stopping Extension Templates, as proposed, from being this
>> special "extension creation mode"? What would be a better design?
>
> The extra catalog tables which store SQL scripts in text columns is one
> of my main objections to the as-proposed Extension Templates. I view
> those scripts as a poor man's definition of database objects which are
> defined properly in the catalog already.

I have a very hard time to understand this objection.

PL/SQL functions are just a SQL script stored as-is in the catalogs.
That applies the same way to any other PL language too, with scripts
stored as-is in the catalogs in different languages.

Even views are stored in a textual way in the catalogs, albeit in a
specific pre-processed format, it's still a text blob that could pass
for a script in a backend specific language, parsed by the rewriter.

So while I hear your objection to the "script in catalog" idea Stephen,
I think we should move forward. We don't have the luxury of only
applying patches where no compromise has to be made, where everyone is
fully happy with the solution we find as a community.

> The other big issue is that
> there isn't an easy way to see how we could open up the ability to
> create extensions to non-superusers with this approach.

The main proposal here is to only allow the owner of a template to
install it as an extension. For superusers, we can implement the needed
SET ROLE command automatically in the CREATE EXTENSION command.

Is there another security issue that this “same role” approach is not
solving? I don't think so.

>> It seems like the porting issue is just a matter of finding someone to
>> write a tool to reliably translate packages from PGXN into a form
>> suitable to be sent using SQL commands; which we would need anyway for
>> this special mode.

I already mentionned that's on my roadmap, part of the vision I'm trying
to implement here. My goal is to deliver the full solution for 9.4, and
this Extension Templates facility is the missing in-core bits of it.

Regards,
--
Dimitri Fontaine
http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Dev Kumkar 2013-12-11 11:25:07 Re: Case sensitivity
Previous Message Andres Freund 2013-12-11 11:12:06 Re: Why the buildfarm is all pink