Don't try to dump RLS policies or security labels for extension objects. checkExtensionMembership() set the DUMP_COMPONENT_SECLABEL and DUMP_COMPONENT_POLICY flags for extension member objects, even though we lack any infrastructure for tracking extensions' initial settings of these properties. This is not OK. The result was that a dump would always include commands to set these properties for extension objects that have them, with at least three negative consequences:
1. The restoring user might not have privilege to set these properties on these objects. 2. The properties might be incorrect/irrelevant for the version of the extension that's installed in the destination database. 3. The dump itself might fail, in the case of RLS properties attached to extension tables that the dumping user lacks privilege to LOCK. (That's because we must get at least AccessShareLock to ensure that we don't fail while trying to decompile the RLS expressions.) When and if somebody cares to invent initial-state infrastructure for extensions' RLS policies and security labels, we could think about finding another way around problem #3. But in the absence of such infrastructure, this whole thing is just wrong and we shouldn't do it. (Note: this applies only to ordinary dumps; binary-upgrade dumps still dump and restore extension member objects separately, with all properties.) Tom Lane and Jacob Champion. Back-patch to all supported branches. Discussion: https://postgr.es/m/00d46a48-3324-d9a0-49bf-e7f0f11d1...@timescale.com Branch ------ REL_16_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/64d2467fc8d34b2a0c84d1c1aadb349a0df4b618 Modified Files -------------- src/bin/pg_dump/pg_dump.c | 22 ++++++++++-------- src/test/modules/test_pg_dump/t/001_base.pl | 27 ++++++++++++++++++++++ .../modules/test_pg_dump/test_pg_dump--1.0.sql | 2 ++ 3 files changed, 41 insertions(+), 10 deletions(-)
