Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit4168a47

Browse files
committed
Add pg_checkpointer predefined role for CHECKPOINT command.
Any user with the privileges of pg_checkpointer can issue a CHECKPOINTcommand.Reviewed-by: Stephen FrostDiscussion:https://postgr.es/m/67a1d667e8ec228b5e07f232184c80348c5d93f4.camel%40j-davis.com
1 parentb66767b commit4168a47

File tree

5 files changed

+18
-4
lines changed

5 files changed

+18
-4
lines changed

‎doc/src/sgml/ref/checkpoint.sgml‎

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,9 @@ CHECKPOINT
5252
</para>
5353

5454
<para>
55-
Only superusers can call <command>CHECKPOINT</command>.
55+
Only superusers or users with the privileges of
56+
the <link linkend="predefined-roles-table"><literal>pg_checkpointer</literal></link>
57+
role can call <command>CHECKPOINT</command>.
5658
</para>
5759
</refsect1>
5860

‎doc/src/sgml/user-manag.sgml‎

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -582,6 +582,12 @@ DROP ROLE doomed_role;
582582
<entry>Allow executing programs on the database server as the user the database runs as with
583583
COPY and other functions which allow executing a server-side program.</entry>
584584
</row>
585+
<row>
586+
<entry>pg_checkpointer</entry>
587+
<entry>Allow executing
588+
the <link linkend="sql-checkpoint"><command>CHECKPOINT</command></link>
589+
command.</entry>
590+
</row>
585591
</tbody>
586592
</tgroup>
587593
</table>

‎src/backend/tcop/utility.c‎

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@
2424
#include"catalog/catalog.h"
2525
#include"catalog/index.h"
2626
#include"catalog/namespace.h"
27+
#include"catalog/pg_authid.h"
2728
#include"catalog/pg_inherits.h"
2829
#include"catalog/toasting.h"
2930
#include"commands/alter.h"
@@ -939,10 +940,10 @@ standard_ProcessUtility(PlannedStmt *pstmt,
939940
break;
940941

941942
caseT_CheckPointStmt:
942-
if (!superuser())
943+
if (!has_privs_of_role(GetUserId(),ROLE_PG_CHECKPOINTER))
943944
ereport(ERROR,
944945
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
945-
errmsg("must be superuser to do CHECKPOINT")));
946+
errmsg("must be superuseror have privileges of pg_checkpointerto do CHECKPOINT")));
946947

947948
RequestCheckpoint(CHECKPOINT_IMMEDIATE |CHECKPOINT_WAIT |
948949
(RecoveryInProgress() ?0 :CHECKPOINT_FORCE));

‎src/include/catalog/catversion.h‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,6 @@
5353
*/
5454

5555
/*yyyymmddN */
56-
#defineCATALOG_VERSION_NO202110272
56+
#defineCATALOG_VERSION_NO202111091
5757

5858
#endif

‎src/include/catalog/pg_authid.dat‎

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,5 +79,10 @@
7979
rolcreaterole => 'f', rolcreatedb => 'f', rolcanlogin => 'f',
8080
rolreplication => 'f', rolbypassrls => 'f', rolconnlimit => '-1',
8181
rolpassword => '_null_', rolvaliduntil => '_null_' },
82+
{ oid => '4544', oid_symbol => 'ROLE_PG_CHECKPOINTER',
83+
rolname => 'pg_checkpointer', rolsuper => 'f', rolinherit => 't',
84+
rolcreaterole => 'f', rolcreatedb => 'f', rolcanlogin => 'f',
85+
rolreplication => 'f', rolbypassrls => 'f', rolconnlimit => '-1',
86+
rolpassword => '_null_', rolvaliduntil => '_null_' },
8287

8388
]

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp