On Wed, 2022-12-14 at 16:11 -0600, Justin Pryzby wrote: > Yeah, but: > > regression=> insert into p1 values (1); > ERROR: permission denied for table p1 > regression=> select * from p1; > ERROR: permission denied for table p1
Right, that's what I had in mind: a user is only granted operations on the partitioned table, not the partitions. It happens that an INSERT or SELECT on the partitioned table flows through to the partitions, whereas the VACUUM ends up skipping them, so I guess the analogy could be interpreted either way. Hmmm... Thinking about it another way: logical partitioning is about making the table logically one table, but physically many tables. That would imply that the privileges should apply per-partition. But then that doesn't make a lot of sense, because what maintenance can you do on the partitioned table (which itself has no data)? There's definitely a problem with this patch and partitioning, because REINDEX affects the partitions, CLUSTER is a no-op, and VACUUM/ANALYZE skip them. -- Jeff Davis PostgreSQL Contributor Team - AWS