Re: Possibility to disable `ALTER SYSTEM`
| От | David G. Johnston |
|---|---|
| Тема | Re: Possibility to disable `ALTER SYSTEM` |
| Дата | |
| Msg-id | CAKFQuwbifGx428gFpGk0Fiiaambtj_LcHBL1-SySqFYdcpXoRQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Possibility to disable `ALTER SYSTEM` (Bruce Momjian <bruce@momjian.us>) |
| Ответы |
Re: Possibility to disable `ALTER SYSTEM`
("David G. Johnston" <david.g.johnston@gmail.com>)
Re: Possibility to disable `ALTER SYSTEM` (Jelte Fennema-Nio <postgres@jeltef.nl>) |
| Список | pgsql-hackers |
On Wed, Mar 27, 2024 at 5:17 PM Bruce Momjian <bruce@momjian.us> wrote:
On Thu, Mar 28, 2024 at 12:43:29AM +0100, Jelte Fennema-Nio wrote:
> + <varlistentry id="guc-allow-alter-system" xreflabel="allow_alter_system">
> + <term><varname>allow_alter_system</varname> (<type>boolean</type>)
> + <indexterm>
> + <primary><varname>allow_alter_system</varname> configuration parameter</primary>
> + </indexterm>
> + </term>
> + <listitem>
> + <para>
> + When <literal>allow_alter_system</literal> is set to
> + <literal>off</literal>, an error is returned if the <command>ALTER
> + SYSTEM</command> command is used. This parameter can only be set in
"command is used." -> "command is issued." ?
"command is executed" seems even better. I'd take used over issued.
> + the <filename>postgresql.conf</filename> file or on the server command
> + line. The default value is <literal>on</literal>.
> + </para>
> +
> + <para>
> + Note that this setting cannot be regarded as a security feature. It
"setting cannot be regarded" -> "setting should not be regarded"
"setting must not be regarded" is the correct option here. Stronger than should; we are unable to control whether someone can/does regard it differently.
> +
> + <para>
> + Turning this setting off is intended for environments where the
> + configuration of <productname>PostgreSQL</productname> is managed by
> + some outside mechanism.
> + In such environments, a well intenioned superuser user might
> + <emphasis>mistakenly</emphasis> use <command>ALTER SYSTEM</command>
> + to change the configuration instead of using the outside mechanism.
> + This might even appear to update the configuration as intended, but
"This might even appear to update" -> "This might temporarily update"
I strongly prefer temporarily over may/might/could.
> + then might be discarded at some point in the future when that outside
"that outside" -> "the outside"
Feel like "external" is a more context appropriate term here than "outside".
External also has precedent.
"External tools may also modify postgresql.auto.conf. It is not recommended to do this while the server is running,"
That suggests using "external tools" instead of "outside mechanisms"
This section is also the main entry point for users into the configuration subsystem and hasn't been updated to reflect this new feature. That seems like an oversight that needs to be corrected.
> + </para>
> +
> + <para>
> + This parameter only controls the use of <command>ALTER SYSTEM</command>.
> + The settings stored in <filename>postgresql.auto.conf</filename> always
"always" -> "still"
Neither qualifier is needed, nor does one seem clearly better than the other. Always is true so the weaker "still" seems like the worse choice.
The following is a complete and clear sentence.
The settings stored in postgresql.auto.conf take effect even if allow_alter_system is set to off.
Should this paragraph be moved after or as part of the paragraph about
modifying postgresql.auto.conf?
I like it by itself.
David J.
В списке pgsql-hackers по дате отправления:
Предыдущее
От: Alexander KorotkovДата:
Сообщение: Re: [HACKERS] make async slave to wait for lsn to be replayed