From: Tom Lane Date: Tue, 12 Jan 2021 18:37:38 +0000 (-0500) Subject: pg_dump: label INDEX ATTACH ArchiveEntries with an owner. X-Git-Tag: REL_14_BETA1~978 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9eabfe300;p=thirdparty%2Fpostgresql.git pg_dump: label INDEX ATTACH ArchiveEntries with an owner. Although a partitioned index's attachment to its parent doesn't have separate ownership, the ArchiveEntry for it needs to be marked with an owner anyway, to ensure that the ALTER command is run by the appropriate role when restoring with --use-set-session-authorization. Without this, the ALTER will be run by the role that started the restore session, which will usually work but it's formally the wrong thing. Back-patch to v11 where this type of ArchiveEntry was added. In HEAD, add equivalent commentary to the just-added TABLE ATTACH case, which I'd made do the right thing already. Discussion: https://postgr.es/m/1094034.1610418498@sss.pgh.pa.us --- diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c index f2c88fa6b57..3bcbd4bdc3f 100644 --- a/src/bin/pg_dump/pg_dump.c +++ b/src/bin/pg_dump/pg_dump.c @@ -16404,6 +16404,13 @@ dumpTableAttach(Archive *fout, TableAttachInfo *attachinfo) fmtQualifiedDumpable(attachinfo->partitionTbl), attachinfo->partitionTbl->partbound); + /* + * There is no point in creating a drop query as the drop is done by table + * drop. (If you think to change this, see also _printTocEntry().) + * Although this object doesn't really have ownership as such, set the + * owner field anyway to ensure that the command is run by the correct + * role at restore time. + */ ArchiveEntry(fout, attachinfo->dobj.catId, attachinfo->dobj.dumpId, ARCHIVE_OPTS(.tag = attachinfo->dobj.name, .namespace = attachinfo->dobj.namespace->dobj.name, @@ -16685,9 +16692,17 @@ dumpIndexAttach(Archive *fout, IndexAttachInfo *attachinfo) appendPQExpBuffer(q, "ATTACH PARTITION %s;\n", fmtQualifiedDumpable(attachinfo->partitionIdx)); + /* + * There is no point in creating a drop query as the drop is done by + * index drop. (If you think to change this, see also + * _printTocEntry().) Although this object doesn't really have + * ownership as such, set the owner field anyway to ensure that the + * command is run by the correct role at restore time. + */ ArchiveEntry(fout, attachinfo->dobj.catId, attachinfo->dobj.dumpId, ARCHIVE_OPTS(.tag = attachinfo->dobj.name, .namespace = attachinfo->dobj.namespace->dobj.name, + .owner = attachinfo->parentIdx->indextable->rolname, .description = "INDEX ATTACH", .section = SECTION_POST_DATA, .createStmt = q->data));