From bb8582abf3c4db18b508627a52effd43672f9410 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Fri, 6 Mar 2015 23:42:38 -0500 Subject: [PATCH] Remove rolcatupdate This role attribute is an ancient PostgreSQL feature, but could only be set by directly updating the system catalogs, and it doesn't have any clearly defined use. Author: Adam Brightwell --- doc/src/sgml/catalogs.sgml | 38 ------------------------ src/backend/catalog/aclchk.c | 25 ++-------------- src/backend/catalog/system_views.sql | 3 -- src/backend/commands/user.c | 12 +------- src/include/catalog/catversion.h | 2 +- src/include/catalog/pg_authid.h | 18 +++++------ src/test/regress/expected/privileges.out | 6 +++- src/test/regress/expected/rules.out | 3 -- 8 files changed, 17 insertions(+), 90 deletions(-) diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 515a40e321..2325962e81 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -1415,15 +1415,6 @@ Role can create databases - - rolcatupdate - bool - - Role can update system catalogs directly. (Even a superuser cannot do - this unless this column is true) - - - rolcanlogin bool @@ -8491,16 +8482,6 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx Role can create databases - - rolcatupdate - bool - - - Role can update system catalogs directly. (Even a superuser cannot do - this unless this column is true) - - - rolcanlogin bool @@ -9019,16 +9000,6 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx User is a superuser - - usecatupd - bool - - - User can update system catalogs. (Even a superuser cannot do - this unless this column is true.) - - - userepl bool @@ -9506,15 +9477,6 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx User is a superuser - - usecatupd - bool - - User can update system catalogs. (Even a superuser cannot do - this unless this column is true.) - - - userepl bool diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index 1e3888e293..3b456f97ef 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -3423,26 +3423,6 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid) } -/* Check if given user has rolcatupdate privilege according to pg_authid */ -static bool -has_rolcatupdate(Oid roleid) -{ - bool rolcatupdate; - HeapTuple tuple; - - tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid)); - if (!HeapTupleIsValid(tuple)) - ereport(ERROR, - (errcode(ERRCODE_UNDEFINED_OBJECT), - errmsg("role with OID %u does not exist", roleid))); - - rolcatupdate = ((Form_pg_authid) GETSTRUCT(tuple))->rolcatupdate; - - ReleaseSysCache(tuple); - - return rolcatupdate; -} - /* * Relay for the various pg_*_mask routines depending on object kind */ @@ -3620,8 +3600,7 @@ pg_class_aclmask(Oid table_oid, Oid roleid, /* * Deny anyone permission to update a system catalog unless - * pg_authid.rolcatupdate is set. (This is to let superusers protect - * themselves from themselves.) Also allow it if allowSystemTableMods. + * pg_authid.rolsuper is set. Also allow it if allowSystemTableMods. * * As of 7.4 we have some updatable system views; those shouldn't be * protected in this way. Assume the view rules can take care of @@ -3630,7 +3609,7 @@ pg_class_aclmask(Oid table_oid, Oid roleid, if ((mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE)) && IsSystemClass(table_oid, classForm) && classForm->relkind != RELKIND_VIEW && - !has_rolcatupdate(roleid) && + !superuser_arg(roleid) && !allowSystemTableMods) { #ifdef ACLDEBUG diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index 5e69e2b2ad..2800f73fb6 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -13,7 +13,6 @@ CREATE VIEW pg_roles AS rolinherit, rolcreaterole, rolcreatedb, - rolcatupdate, rolcanlogin, rolreplication, rolconnlimit, @@ -31,7 +30,6 @@ CREATE VIEW pg_shadow AS pg_authid.oid AS usesysid, rolcreatedb AS usecreatedb, rolsuper AS usesuper, - rolcatupdate AS usecatupd, rolreplication AS userepl, rolbypassrls AS usebypassrls, rolpassword AS passwd, @@ -57,7 +55,6 @@ CREATE VIEW pg_user AS usesysid, usecreatedb, usesuper, - usecatupd, userepl, usebypassrls, '********'::text as passwd, diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index 0d30838aee..0ba7ba0c20 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -368,8 +368,6 @@ CreateRole(CreateRoleStmt *stmt) new_record[Anum_pg_authid_rolinherit - 1] = BoolGetDatum(inherit); new_record[Anum_pg_authid_rolcreaterole - 1] = BoolGetDatum(createrole); new_record[Anum_pg_authid_rolcreatedb - 1] = BoolGetDatum(createdb); - /* superuser gets catupdate right by default */ - new_record[Anum_pg_authid_rolcatupdate - 1] = BoolGetDatum(issuper); new_record[Anum_pg_authid_rolcanlogin - 1] = BoolGetDatum(canlogin); new_record[Anum_pg_authid_rolreplication - 1] = BoolGetDatum(isreplication); new_record[Anum_pg_authid_rolconnlimit - 1] = Int32GetDatum(connlimit); @@ -734,20 +732,12 @@ AlterRole(AlterRoleStmt *stmt) MemSet(new_record_repl, false, sizeof(new_record_repl)); /* - * issuper/createrole/catupdate/etc - * - * XXX It's rather unclear how to handle catupdate. It's probably best to - * keep it equal to the superuser status, otherwise you could end up with - * a situation where no existing superuser can alter the catalogs, - * including pg_authid! + * issuper/createrole/etc */ if (issuper >= 0) { new_record[Anum_pg_authid_rolsuper - 1] = BoolGetDatum(issuper > 0); new_record_repl[Anum_pg_authid_rolsuper - 1] = true; - - new_record[Anum_pg_authid_rolcatupdate - 1] = BoolGetDatum(issuper > 0); - new_record_repl[Anum_pg_authid_rolcatupdate - 1] = true; } if (inherit >= 0) diff --git a/src/include/catalog/catversion.h b/src/include/catalog/catversion.h index f416094380..76c64cd122 100644 --- a/src/include/catalog/catversion.h +++ b/src/include/catalog/catversion.h @@ -53,6 +53,6 @@ */ /* yyyymmddN */ -#define CATALOG_VERSION_NO 201503031 +#define CATALOG_VERSION_NO 201503061 #endif diff --git a/src/include/catalog/pg_authid.h b/src/include/catalog/pg_authid.h index b3f43e14ac..d5f19d6aab 100644 --- a/src/include/catalog/pg_authid.h +++ b/src/include/catalog/pg_authid.h @@ -49,7 +49,6 @@ CATALOG(pg_authid,1260) BKI_SHARED_RELATION BKI_ROWTYPE_OID(2842) BKI_SCHEMA_MAC bool rolinherit; /* inherit privileges from other roles? */ bool rolcreaterole; /* allowed to create more roles? */ bool rolcreatedb; /* allowed to create databases? */ - bool rolcatupdate; /* allowed to alter catalogs manually? */ bool rolcanlogin; /* allowed to log in as session user? */ bool rolreplication; /* role used for streaming replication */ bool rolbypassrls; /* allowed to bypass row level security? */ @@ -76,19 +75,18 @@ typedef FormData_pg_authid *Form_pg_authid; * compiler constants for pg_authid * ---------------- */ -#define Natts_pg_authid 12 +#define Natts_pg_authid 11 #define Anum_pg_authid_rolname 1 #define Anum_pg_authid_rolsuper 2 #define Anum_pg_authid_rolinherit 3 #define Anum_pg_authid_rolcreaterole 4 #define Anum_pg_authid_rolcreatedb 5 -#define Anum_pg_authid_rolcatupdate 6 -#define Anum_pg_authid_rolcanlogin 7 -#define Anum_pg_authid_rolreplication 8 -#define Anum_pg_authid_rolbypassrls 9 -#define Anum_pg_authid_rolconnlimit 10 -#define Anum_pg_authid_rolpassword 11 -#define Anum_pg_authid_rolvaliduntil 12 +#define Anum_pg_authid_rolcanlogin 6 +#define Anum_pg_authid_rolreplication 7 +#define Anum_pg_authid_rolbypassrls 8 +#define Anum_pg_authid_rolconnlimit 9 +#define Anum_pg_authid_rolpassword 10 +#define Anum_pg_authid_rolvaliduntil 11 /* ---------------- * initial contents of pg_authid @@ -97,7 +95,7 @@ typedef FormData_pg_authid *Form_pg_authid; * user choices. * ---------------- */ -DATA(insert OID = 10 ( "POSTGRES" t t t t t t t t -1 _null_ _null_)); +DATA(insert OID = 10 ( "POSTGRES" t t t t t t t -1 _null_ _null_)); #define BOOTSTRAP_SUPERUSERID 10 diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index 74b0450f19..0db1df3040 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -676,7 +676,11 @@ ERROR: role "nosuchuser" does not exist select has_table_privilege('pg_authid','sel'); ERROR: unrecognized privilege type: "sel" select has_table_privilege(-999999,'pg_authid','update'); -ERROR: role with OID 4293967297 does not exist + has_table_privilege +--------------------- + f +(1 row) + select has_table_privilege(1,'select'); has_table_privilege --------------------- diff --git a/src/test/regress/expected/rules.out b/src/test/regress/expected/rules.out index 26c60e4153..17882704d4 100644 --- a/src/test/regress/expected/rules.out +++ b/src/test/regress/expected/rules.out @@ -1406,7 +1406,6 @@ pg_roles| SELECT pg_authid.rolname, pg_authid.rolinherit, pg_authid.rolcreaterole, pg_authid.rolcreatedb, - pg_authid.rolcatupdate, pg_authid.rolcanlogin, pg_authid.rolreplication, pg_authid.rolconnlimit, @@ -1607,7 +1606,6 @@ pg_shadow| SELECT pg_authid.rolname AS usename, pg_authid.oid AS usesysid, pg_authid.rolcreatedb AS usecreatedb, pg_authid.rolsuper AS usesuper, - pg_authid.rolcatupdate AS usecatupd, pg_authid.rolreplication AS userepl, pg_authid.rolbypassrls AS usebypassrls, pg_authid.rolpassword AS passwd, @@ -2062,7 +2060,6 @@ pg_user| SELECT pg_shadow.usename, pg_shadow.usesysid, pg_shadow.usecreatedb, pg_shadow.usesuper, - pg_shadow.usecatupd, pg_shadow.userepl, pg_shadow.usebypassrls, '********'::text AS passwd, -- 2.40.0