On Sat, Mar 03, 2018 at 02:31:58AM -0800, Joe Conway wrote: > On 03/03/2018 01:56 AM, Noah Misch wrote: > > If we do that alone, databases reaching v11 via dump/reload or pg_upgrade > > will > > get the new default ACL if they had not changed the ACL of schema public. > > If > > they had GRANTed or REVOKEd on schema public, pg_dump will recreate the > > resulting ACL. This is the standard pg_dump behavior for ACLs on system > > objects. I think that's okay for the public schema, too, and I like > > preserving that usual rule. However, if we wanted to minimize upgrade-time > > surprises, we could make pg_dump include GRANT for schema public > > unconditionally. That way, the default ACL change would apply to new > > databases only. Does anyone want to argue for that? > > What about a pg_dump option to do that and then a big note in the > release notes telling people why they might want to use it?
I'd want any new pg_dump option to have use beyond this one case. That is, not --old-public-schema-acl, but perhaps --old-system-acls-for=OBJECT-PATTERN. But it's a simple task to loop over your databases and run a GRANT, so I somewhat doubt that particular idea should win. Hmm.