Participants
Feike Steenbergen
Feike Steenbergen
Peter Eisentraut
Peter Eisentraut
Attachments
Thread Outline
#1Feike SteenbergenFeike Steenbergen
Aug 21, 2017
#2Peter EisentrautPeter Eisentrautto Feike Steenbergen (#1)
Nov 02, 2017

Document pgstattuple privileges without ambiguity

Started by Feike Steenbergenover 8 years ago2 messages
#1Feike Steenbergen
Feike Steenbergen
feikesteenbergen@gmail.com
1 attachment(s)

Hi,

When installing pgstattuple on 10, the documentation about its
privileges was unclear to me. (Does the pg_stat_scan_tables role get
EXECUTE privileges by default or not?).

By making the privilege paragraph less verbose and a duplicate of the
paragraph used for pgfreespacemap and pgbuffercache we remove the
ambiguity and make the documentation more uniform.

The replacement paragrahp is much less verbose and loses some detailed
pointers (to GRANT syntax), but in this instance I feel less is more.

Regards,

Feike

Attachments:

pgstattuple_privilege_documentation_v1.patchapplication/octet-stream; name=pgstattuple_privilege_documentation_v1.patchDownload
diff --git a/doc/src/sgml/pgstattuple.sgml b/doc/src/sgml/pgstattuple.sgml
index a7c67ae645..4a4950f860 100644
--- a/doc/src/sgml/pgstattuple.sgml
+++ b/doc/src/sgml/pgstattuple.sgml
@@ -13,12 +13,9 @@
  </para>
 
  <para>
-  As these functions return detailed page-level information, only the superuser
-  has EXECUTE privileges on them upon installation.  After the functions have
-  been installed, users may issue <command>GRANT</command> commands to change
-  the privileges on the functions to allow non-superusers to execute them. Members
-  of the <literal>pg_stat_scan_tables</literal> role are granted access by default. See
-  the description of the <xref linkend="sql-grant"> command for specifics.
+  By default use is restricted to superusers and members of the
+  <literal>pg_stat_scan_tables</literal> role. Access may be granted to others
+  using <command>GRANT</command>.
  </para>
 
  <sect2>
#2Peter Eisentraut
Peter Eisentraut
peter.eisentraut@2ndquadrant.com
In reply to: Feike Steenbergen (#1)
Re: Document pgstattuple privileges without ambiguity

On 8/21/17 03:47, Feike Steenbergen wrote:

When installing pgstattuple on 10, the documentation about its
privileges was unclear to me. (Does the pg_stat_scan_tables role get
EXECUTE privileges by default or not?).

I agree that this has gotten a bit confusing after apparently being
patched around a bit recently. I have rewritten it a bit to make it
clearer.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

← Back to Topics