Обсуждение: pgsql: Add allow_alter_system GUC.
Add allow_alter_system GUC. This is marked PGC_SIGHUP, so it can only be set in a configuration file, not anywhere else; and it is also marked GUC_DISALLOW_IN_AUTO_FILE, so it can't be set using ALTER SYSTEM. When set to false, the ALTER SYSTEM command is disallowed. There was considerable concern that this would be misinterpreted as a security feature, which it is not, because a determined superuser has various ways of bypassing it. Hence, a lot of work has gone into wordsmithing the documentation, in the hopes of avoiding any such confusion. Jelte Fennemia-Nio and Gabriele Bartolini, with wording suggestions for the documentation from many others. Discussion: http://postgr.es/m/CA%2BVUV5rEKt2%2BCdC_KUaPoihMu%2Bi5ChT4WVNTr4CD5-xXZUfuQw%40mail.gmail.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/d3ae2a24f265a028f4b9e8df79ea7b075c6cf016 Modified Files -------------- doc/src/sgml/config.sgml | 51 ++++++++++++++++++++++++++- doc/src/sgml/ref/alter_system.sgml | 8 +++++ src/backend/utils/misc/guc.c | 5 +++ src/backend/utils/misc/guc_tables.c | 17 +++++++++ src/backend/utils/misc/postgresql.conf.sample | 1 + src/include/utils/guc.h | 1 + 6 files changed, 82 insertions(+), 1 deletion(-)
Oh no! Jelte, I'm so sorry ... I spelled your name wrong in this commit message. :-( Please accept my apologies. ...Robert On Fri, Mar 29, 2024 at 8:45 AM Robert Haas <rhaas@postgresql.org> wrote: > > Add allow_alter_system GUC. > > This is marked PGC_SIGHUP, so it can only be set in a configuration > file, not anywhere else; and it is also marked GUC_DISALLOW_IN_AUTO_FILE, > so it can't be set using ALTER SYSTEM. When set to false, the > ALTER SYSTEM command is disallowed. > > There was considerable concern that this would be misinterpreted as > a security feature, which it is not, because a determined superuser > has various ways of bypassing it. Hence, a lot of work has gone into > wordsmithing the documentation, in the hopes of avoiding any such > confusion. > > Jelte Fennemia-Nio and Gabriele Bartolini, with wording suggestions > for the documentation from many others. > > Discussion: http://postgr.es/m/CA%2BVUV5rEKt2%2BCdC_KUaPoihMu%2Bi5ChT4WVNTr4CD5-xXZUfuQw%40mail.gmail.com > > Branch > ------ > master > > Details > ------- > https://git.postgresql.org/pg/commitdiff/d3ae2a24f265a028f4b9e8df79ea7b075c6cf016 > > Modified Files > -------------- > doc/src/sgml/config.sgml | 51 ++++++++++++++++++++++++++- > doc/src/sgml/ref/alter_system.sgml | 8 +++++ > src/backend/utils/misc/guc.c | 5 +++ > src/backend/utils/misc/guc_tables.c | 17 +++++++++ > src/backend/utils/misc/postgresql.conf.sample | 1 + > src/include/utils/guc.h | 1 + > 6 files changed, 82 insertions(+), 1 deletion(-) > -- Robert Haas EDB: http://www.enterprisedb.com
no worries, these things happen. I'm just glad it's committed and I can now focus on different things than back and forth discussion over documentation that all looks pretty much identical to me. On Fri, 29 Mar 2024 at 13:47, Robert Haas <robertmhaas@gmail.com> wrote: > > Oh no! Jelte, I'm so sorry ... I spelled your name wrong in this > commit message. :-( > > Please accept my apologies. > > ...Robert > > On Fri, Mar 29, 2024 at 8:45 AM Robert Haas <rhaas@postgresql.org> wrote: > > > > Add allow_alter_system GUC. > > > > This is marked PGC_SIGHUP, so it can only be set in a configuration > > file, not anywhere else; and it is also marked GUC_DISALLOW_IN_AUTO_FILE, > > so it can't be set using ALTER SYSTEM. When set to false, the > > ALTER SYSTEM command is disallowed. > > > > There was considerable concern that this would be misinterpreted as > > a security feature, which it is not, because a determined superuser > > has various ways of bypassing it. Hence, a lot of work has gone into > > wordsmithing the documentation, in the hopes of avoiding any such > > confusion. > > > > Jelte Fennemia-Nio and Gabriele Bartolini, with wording suggestions > > for the documentation from many others. > > > > Discussion: http://postgr.es/m/CA%2BVUV5rEKt2%2BCdC_KUaPoihMu%2Bi5ChT4WVNTr4CD5-xXZUfuQw%40mail.gmail.com > > > > Branch > > ------ > > master > > > > Details > > ------- > > https://git.postgresql.org/pg/commitdiff/d3ae2a24f265a028f4b9e8df79ea7b075c6cf016 > > > > Modified Files > > -------------- > > doc/src/sgml/config.sgml | 51 ++++++++++++++++++++++++++- > > doc/src/sgml/ref/alter_system.sgml | 8 +++++ > > src/backend/utils/misc/guc.c | 5 +++ > > src/backend/utils/misc/guc_tables.c | 17 +++++++++ > > src/backend/utils/misc/postgresql.conf.sample | 1 + > > src/include/utils/guc.h | 1 + > > 6 files changed, 82 insertions(+), 1 deletion(-) > > > > > -- > Robert Haas > EDB: http://www.enterprisedb.com
On Fri, Mar 29, 2024 at 9:03 AM Jelte Fennema-Nio <postgres@jeltef.nl> wrote: > no worries, these things happen. I'm just glad it's committed and I > can now focus on different things than back and forth discussion over > documentation that all looks pretty much identical to me. Yeah, imagine that! -- Robert Haas EDB: http://www.enterprisedb.com
On Fri, Mar 29, 2024 at 08:47:18AM -0400, Robert Haas wrote: > Oh no! Jelte, I'm so sorry ... I spelled your name wrong in this > commit message. :-( > > Please accept my apologies. I have made a record of this so I will make sure it is accurate in the release notes. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com Only you can decide what is important to you.
On Fri, Mar 29, 2024 at 08:47:18AM -0400, Robert Haas wrote: > Oh no! Jelte, I'm so sorry ... I spelled your name wrong in this > commit message. :-( > > Please accept my apologies. I have corrected his name in the release notes for this item. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com Only you can decide what is important to you.