Don't try to dump RLS policies or security labels for extension objects. checkExtensionMembership() set the DUMP_COMPONENT_SECLABEL and DUMP_COMPONENT_POLICY flags for extension member objects, even though we lack any infrastructure for tracking extensions' initial settings of these properties. This is not OK. The result was that a dump would always include commands to set these properties for extension objects that have them, with at least three negative consequences:
1. The restoring user might not have privilege to set these properties on these objects. 2. The properties might be incorrect/irrelevant for the version of the extension that's installed in the destination database. 3. The dump itself might fail, in the case of RLS properties attached to extension tables that the dumping user lacks privilege to LOCK. (That's because we must get at least AccessShareLock to ensure that we don't fail while trying to decompile the RLS expressions.) When and if somebody cares to invent initial-state infrastructure for extensions' RLS policies and security labels, we could think about finding another way around problem #3. But in the absence of such infrastructure, this whole thing is just wrong and we shouldn't do it. (Note: this applies only to ordinary dumps; binary-upgrade dumps still dump and restore extension member objects separately, with all properties.) Tom Lane and Jacob Champion. Back-patch to all supported branches. Discussion: https://postgr.es/m/00d46a48-3324-d9a0-49bf-e7f0f11d1...@timescale.com Branch ------ REL_15_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/f15147df625fca1466ff3488ced517c239844eef Modified Files -------------- src/bin/pg_dump/pg_dump.c | 22 ++++++++++-------- src/test/modules/test_pg_dump/t/001_base.pl | 27 ++++++++++++++++++++++ .../modules/test_pg_dump/test_pg_dump--1.0.sql | 2 ++ 3 files changed, 41 insertions(+), 10 deletions(-)
