diff options
Diffstat (limited to 'src/bin/initdb/initdb.c')
| -rw-r--r-- | src/bin/initdb/initdb.c | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c index ed3ba7b6248..858667b3941 100644 --- a/src/bin/initdb/initdb.c +++ b/src/bin/initdb/initdb.c @@ -1989,6 +1989,11 @@ setup_dictionary(FILE *cmdfd) * Some objects may require different permissions by default, so we * make sure we don't overwrite privilege sets that have already been * set (NOT NULL). + * + * Also populate pg_init_privs to save what the privileges are at init + * time. This is used by pg_dump to allow users to change privileges + * on catalog objects and to have those privilege changes preserved + * across dump/reload and pg_upgrade. */ static void setup_privileges(FILE *cmdfd) @@ -2002,6 +2007,144 @@ setup_privileges(FILE *cmdfd) "GRANT USAGE ON SCHEMA pg_catalog TO PUBLIC;\n\n", "GRANT CREATE, USAGE ON SCHEMA public TO PUBLIC;\n\n", "REVOKE ALL ON pg_largeobject FROM PUBLIC;\n\n", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_class')," + " 0," + " relacl," + " 'i'" + " FROM" + " pg_class" + " WHERE" + " relacl IS NOT NULL" + " AND relkind IN ('r', 'v', 'm', 'S');", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " pg_class.oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_class')," + " pg_attribute.attnum," + " pg_attribute.attacl," + " 'i'" + " FROM" + " pg_class" + " JOIN pg_attribute ON (pg_class.oid = pg_attribute.attrelid)" + " WHERE" + " pg_attribute.attacl IS NOT NULL" + " AND pg_class.relkind IN ('r', 'v', 'm', 'S');", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_proc')," + " 0," + " proacl," + " 'i'" + " FROM" + " pg_proc" + " WHERE" + " proacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_type')," + " 0," + " typacl," + " 'i'" + " FROM" + " pg_type" + " WHERE" + " typacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_language')," + " 0," + " lanacl," + " 'i'" + " FROM" + " pg_language" + " WHERE" + " lanacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE " + " relname = 'pg_largeobject_metadata')," + " 0," + " lomacl," + " 'i'" + " FROM" + " pg_largeobject_metadata" + " WHERE" + " lomacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_namespace')," + " 0," + " nspacl," + " 'i'" + " FROM" + " pg_namespace" + " WHERE" + " nspacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_database')," + " 0," + " datacl," + " 'i'" + " FROM" + " pg_database" + " WHERE" + " datacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE relname = 'pg_tablespace')," + " 0," + " spcacl," + " 'i'" + " FROM" + " pg_tablespace" + " WHERE" + " spcacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class WHERE " + " relname = 'pg_foreign_data_wrapper')," + " 0," + " fdwacl," + " 'i'" + " FROM" + " pg_foreign_data_wrapper" + " WHERE" + " fdwacl IS NOT NULL;", + "INSERT INTO pg_init_privs " + " (objoid, classoid, objsubid, initprivs, privtype)" + " SELECT" + " oid," + " (SELECT oid FROM pg_class " + " WHERE relname = 'pg_foreign_server')," + " 0," + " srvacl," + " 'i'" + " FROM" + " pg_foreign_server" + " WHERE" + " srvacl IS NOT NULL;", NULL }; |