Обсуждение: DROP ROLE dependency tracking ...

Поиск
Список
Период
Сортировка

DROP ROLE dependency tracking ...

От
Hans-Juergen Schoenig
Дата:
good morning,

some days ago i have fallen over an issue which feels more or less like 
a bug. consider:


test=# create role xy LOGIN;
CREATE ROLE

test=# grant connect on database test to xy;
GRANT

test=# drop role xy;
ERROR:  role "xy" cannot be dropped because some objects depend on it
DETAIL:  access to database test

this is a totally fresh instance --- all i did was creating a db called 
"test".
failing would make sense if i would the owner of an object but i fact i 
don't own anything.

test=# SELECT version();                                                
version                                                 
----------------------------------------------------------------------------------------------------------PostgreSQL
8.4develon x86_64-unknown-linux-gnu, compiled by GCC gcc 
 
(GCC) 4.2.3 (Ubuntu 4.2.3-2ubuntu7)
(1 row)

is this a known issue?
   many thanks,
      hans


-- 
Cybertec Schönig & Schönig GmbH
PostgreSQL Solutions and Support
Gröhrmühlgasse 26, A-2700 Wiener Neustadt
Tel: +43/1/205 10 35 / 340
www.postgresql-support.de, www.postgresql-support.com



Re: DROP ROLE dependency tracking ...

От
Alvaro Herrera
Дата:
Hans-Juergen Schoenig wrote:

> test=# create role xy LOGIN;
> CREATE ROLE
>
> test=# grant connect on database test to xy;
> GRANT
>
> test=# drop role xy;
> ERROR:  role "xy" cannot be dropped because some objects depend on it
> DETAIL:  access to database test
>
> this is a totally fresh instance --- all i did was creating a db called  
> "test".
> failing would make sense if i would the owner of an object but i fact i  
> don't own anything.

But in some cases you might not want to lose the information associated
to the grants you've done.  That's why we have REASSIGN OWNED.

Hmm, but then there's no way to lose it, even if you do want that.  DROP
OWNED does not touch grants (which is per design), but we don't have
DROP ROLE CASCADE.  So maybe there's a functionality gap here ...

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.


Re: DROP ROLE dependency tracking ...

От
Hans-Juergen Schoenig
Дата:
Alvaro Herrera wrote:
> Hans-Juergen Schoenig wrote:
>
>   
>> test=# create role xy LOGIN;
>> CREATE ROLE
>>
>> test=# grant connect on database test to xy;
>> GRANT
>>
>> test=# drop role xy;
>> ERROR:  role "xy" cannot be dropped because some objects depend on it
>> DETAIL:  access to database test
>>
>> this is a totally fresh instance --- all i did was creating a db called  
>> "test".
>> failing would make sense if i would the owner of an object but i fact i  
>> don't own anything.
>>     
>
> But in some cases you might not want to lose the information associated
> to the grants you've done.  That's why we have REASSIGN OWNED.
>
> Hmm, but then there's no way to lose it, even if you do want that.  DROP
> OWNED does not touch grants (which is per design), but we don't have
> DROP ROLE CASCADE.  So maybe there's a functionality gap here ...
>
>   

when thinking of REASSIGNED OWNED people tend to think about tables 
rather than about CONNECT rights.
i would suggest to make DROP ROLE just kill the role unless there is a 
real object depending on it.
i would not see a permission to be an object. what do you think?
   many thanks,
      hans



-- 
Cybertec Schönig & Schönig GmbH
PostgreSQL Solutions and Support
Gröhrmühlgasse 26, A-2700 Wiener Neustadt
Tel: +43/1/205 10 35 / 340
www.postgresql-support.de, www.postgresql-support.com



Re: DROP ROLE dependency tracking ...

От
Alvaro Herrera
Дата:
Hans-Juergen Schoenig wrote:

> when thinking of REASSIGNED OWNED people tend to think about tables  
> rather than about CONNECT rights.
> i would suggest to make DROP ROLE just kill the role unless there is a  
> real object depending on it.
> i would not see a permission to be an object. what do you think?

Yes, this might make some sense.  (Keep in mind that db CONNECT
privileges were invented after REASSIGN OWNED).  Perhaps we could make
exceptions -- in which case it would be good to investigate which
exceptions we need (i.e. for all object types that we support, which
ones we should be caring about and which ones we should ignore).

I'm stuck in Canuckistan for a week still, so I expect your detailed
proposal by when I get back home ;-)

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support


Re: DROP ROLE dependency tracking ...

От
Bruce Momjian
Дата:
Alvaro Herrera wrote:
> Hans-Juergen Schoenig wrote:
> 
> > when thinking of REASSIGNED OWNED people tend to think about tables  
> > rather than about CONNECT rights.
> > i would suggest to make DROP ROLE just kill the role unless there is a  
> > real object depending on it.
> > i would not see a permission to be an object. what do you think?
> 
> Yes, this might make some sense.  (Keep in mind that db CONNECT
> privileges were invented after REASSIGN OWNED).  Perhaps we could make
> exceptions -- in which case it would be good to investigate which
> exceptions we need (i.e. for all object types that we support, which
> ones we should be caring about and which ones we should ignore).
> 
> I'm stuck in Canuckistan for a week still, so I expect your detailed
> proposal by when I get back home ;-)

Where are we on this issue?  The original issue was CONNECT priviledges
prevented the role from being dropped.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +


Re: DROP ROLE dependency tracking ...

От
Bruce Momjian
Дата:
Alvaro Herrera wrote:
> Hans-Juergen Schoenig wrote:
> 
> > when thinking of REASSIGNED OWNED people tend to think about tables  
> > rather than about CONNECT rights.
> > i would suggest to make DROP ROLE just kill the role unless there is a  
> > real object depending on it.
> > i would not see a permission to be an object. what do you think?
> 
> Yes, this might make some sense.  (Keep in mind that db CONNECT
> privileges were invented after REASSIGN OWNED).  Perhaps we could make
> exceptions -- in which case it would be good to investigate which
> exceptions we need (i.e. for all object types that we support, which
> ones we should be caring about and which ones we should ignore).
> 
> I'm stuck in Canuckistan for a week still, so I expect your detailed
> proposal by when I get back home ;-)

Was there any progress on this?

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +


Re: DROP ROLE dependency tracking ...

От
Alvaro Herrera
Дата:
Bruce Momjian wrote:
> Alvaro Herrera wrote:
> > Hans-Juergen Schoenig wrote:
> > 
> > > when thinking of REASSIGNED OWNED people tend to think about tables  
> > > rather than about CONNECT rights.
> > > i would suggest to make DROP ROLE just kill the role unless there is a  
> > > real object depending on it.
> > > i would not see a permission to be an object. what do you think?
> > 
> > Yes, this might make some sense.  (Keep in mind that db CONNECT
> > privileges were invented after REASSIGN OWNED).  Perhaps we could make
> > exceptions -- in which case it would be good to investigate which
> > exceptions we need (i.e. for all object types that we support, which
> > ones we should be caring about and which ones we should ignore).
> > 
> > I'm stuck in Canuckistan for a week still, so I expect your detailed
> > proposal by when I get back home ;-)
> 
> Was there any progress on this?

Not from my side --- and Hans-Juergen never got back to me either ...

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.


Re: DROP ROLE dependency tracking ...

От
Bruce Momjian
Дата:
Added to TODO:
Allow dropping of a role that has connection rights
       * http://archives.postgresql.org/pgsql-hackers/2008-05/msg00736.php 

---------------------------------------------------------------------------

Hans-Juergen Schoenig wrote:
> good morning,
> 
> some days ago i have fallen over an issue which feels more or less like 
> a bug. consider:
> 
> 
> test=# create role xy LOGIN;
> CREATE ROLE
> 
> test=# grant connect on database test to xy;
> GRANT
> 
> test=# drop role xy;
> ERROR:  role "xy" cannot be dropped because some objects depend on it
> DETAIL:  access to database test
> 
> this is a totally fresh instance --- all i did was creating a db called 
> "test".
> failing would make sense if i would the owner of an object but i fact i 
> don't own anything.
> 
> test=# SELECT version();
>                                                  
> version                                                 
> ----------------------------------------------------------------------------------------------------------
>  PostgreSQL 8.4devel on x86_64-unknown-linux-gnu, compiled by GCC gcc 
> (GCC) 4.2.3 (Ubuntu 4.2.3-2ubuntu7)
> (1 row)
> 
> is this a known issue?
> 
>     many thanks,
> 
>        hans
> 
> 
> -- 
> Cybertec Sch?nig & Sch?nig GmbH
> PostgreSQL Solutions and Support
> Gr?hrm?hlgasse 26, A-2700 Wiener Neustadt
> Tel: +43/1/205 10 35 / 340
> www.postgresql-support.de, www.postgresql-support.com
> 
> 
> -- 
> Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +