On Sat, 23 Oct 2004, Tom Lane wrote:
Josh Berkus [EMAIL PROTECTED] writes:
Dennis and I are hashing this out on IRC. The second option would be to
simply put SET SESSION AUTHORIZATION statements before each and every
statement in the pg_dump. This would make each statement atomic as
Dennis,
Another observation is that SET SESSION AUTHORIZATION postgres; and RESET
SESSION AUTHORIZATION; would be the same when postgres is the superuser.
By not using the name of the superuser one get the benefit that one can
restore as another superuser (but see the part about acl's below).
People:
Having today spent 3.5 hours correcting a pg_dump file with permissions
problems, I've come to the inescapable realization that the SESSION
AUTHORIZATION concept is WAY too fragile.
Instead, we should have a CREATE WITH OWNER username extension to all
of our CREATE object
Josh Berkus [EMAIL PROTECTED] writes:
Instead, we should have a CREATE WITH OWNER username extension to all
of our CREATE object statements.
The main objection to this is that it makes the dump completely
unportable.
CREATE followed by ALTER ... CHANGE OWNER would not be an adequate
Tom,
The main objection to this is that it makes the dump completely
unportable.
That's a powerful argument.
Dennis and I are hashing this out on IRC. The second option would be to
simply put SET SESSION AUTHORIZATION statements before each and every
statement in the pg_dump. This
Josh Berkus [EMAIL PROTECTED] writes:
Dennis and I are hashing this out on IRC. The second option would be to
simply put SET SESSION AUTHORIZATION statements before each and every
statement in the pg_dump. This would make each statement atomic as far as
user ownership is concerned, with
Tom,
No, you misunderstood me. The bug of which you are complaining (namely,
ALTER OWNER not fixing the ACL list) is gone in 8.0; therefore you are
arguing from a faulty premise about whether this change is needed.
Aha, I misunderstood the terse phrasing ;-)
Will have to try destruction
