From 82b37765c76b8b2daf6cad3dfb5e5b4a2776d56f Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Fri, 16 Oct 2015 11:37:19 -0400 Subject: Fix a problem with parallel workers being unable to restore role. check_role() tries to verify that the user has permission to become the requested role, but this is inappropriate in a parallel worker, which needs to exactly recreate the master's authorization settings. So skip the check in that case. This fixes a bug in commit 924bcf4f16d54c55310b28f77686608684734f42. --- src/backend/commands/variable.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/backend/commands/variable.c') diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c index 2d0a44effe7..16c122a22bc 100644 --- a/src/backend/commands/variable.c +++ b/src/backend/commands/variable.c @@ -19,6 +19,7 @@ #include #include "access/htup_details.h" +#include "access/parallel.h" #include "access/xact.h" #include "access/xlog.h" #include "catalog/pg_authid.h" @@ -877,9 +878,12 @@ check_role(char **newval, void **extra, GucSource source) ReleaseSysCache(roleTup); /* - * Verify that session user is allowed to become this role + * Verify that session user is allowed to become this role, but + * skip this in parallel mode, where we must blindly recreate the + * parallel leader's state. */ - if (!is_member_of_role(GetSessionUserId(), roleid)) + if (!InitializingParallelWorker && + !is_member_of_role(GetSessionUserId(), roleid)) { GUC_check_errcode(ERRCODE_INSUFFICIENT_PRIVILEGE); GUC_check_errmsg("permission denied to set role \"%s\"", -- cgit v1.2.3