On Sun, Oct 15, 2023 at 10:47:22PM -0400, Tom Lane wrote:
> I agree that that probably is the root cause, and we should fix it
> by bumping up max_worker_processes in this test.
Thanks. I've fixed this one now. Let's see if mamba is OK after
that.
> If there's actually a defensible reason for t
Michael Paquier writes:
> The buildfarm has provided some feedback, and the new tests have been
> unstable on mamba:
> https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=mamba&dt=2023-10-15%2005%3A04%3A21
Yeah. FWIW, I tried to reproduce this on mamba's host, but did not
see it again in 100
On Thu, Oct 12, 2023 at 07:42:28AM +0200, Drouvot, Bertrand wrote:
> On 10/12/23 2:26 AM, Michael Paquier wrote:
>> I have tweaked a few comments, and applied that. Thanks.
>
> Oh and you also closed the CF entry, thanks!
The buildfarm has provided some feedback, and the new tests have been
unst
Hi,
On 10/12/23 2:26 AM, Michael Paquier wrote:
On Wed, Oct 11, 2023 at 08:48:04AM +0200, Drouvot, Bertrand wrote:
Yeah, agree. Changed in v12 attached.
I have tweaked a few comments, and applied that. Thanks.
Oh and you also closed the CF entry, thanks!
Regards,
--
Bertrand Drouvot
Post
On Wed, Oct 11, 2023 at 08:48:04AM +0200, Drouvot, Bertrand wrote:
> Yeah, agree. Changed in v12 attached.
I have tweaked a few comments, and applied that. Thanks.
--
Michael
signature.asc
Description: PGP signature
Hi,
On 10/11/23 5:40 AM, Michael Paquier wrote:
On Wed, Oct 11, 2023 at 08:26:42AM +0900, Michael Paquier wrote:
/* flags for InitPostgres() */
#define INIT_PG_LOAD_SESSION_LIBS 0x0001
#define INIT_PG_OVERRIDE_ALLOW_CONNS 0x0002
+#define INIT_PG_BYPASS_ROLE_LOGIN 0x0004
In 00
On Wed, Oct 11, 2023 at 08:26:42AM +0900, Michael Paquier wrote:
> On Tue, Oct 10, 2023 at 09:12:49AM +0200, Drouvot, Bertrand wrote:
> > On 10/10/23 7:58 AM, Michael Paquier wrote:
> >> I was looking at v8 just before you sent this v9, and still got
> >> annoyed by the extra boolean argument added
On Tue, Oct 10, 2023 at 09:12:49AM +0200, Drouvot, Bertrand wrote:
> On 10/10/23 7:58 AM, Michael Paquier wrote:
>> I was looking at v8 just before you sent this v9, and still got
>> annoyed by the extra boolean argument added to InitPostgres().
>
> Arf, I did not look at it as I had in mind to lo
On 10/10/23 9:21 AM, Michael Paquier wrote:
On Tue, Oct 10, 2023 at 09:18:04AM +0200, Drouvot, Bertrand wrote:
Please forget about it ;-)
That's called an ENOCOFFEE :D
Exactly, good one! ;-)
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Se
On Tue, Oct 10, 2023 at 09:18:04AM +0200, Drouvot, Bertrand wrote:
> Please forget about it ;-)
That's called an ENOCOFFEE :D
--
Michael
signature.asc
Description: PGP signature
On 10/10/23 9:12 AM, Drouvot, Bertrand wrote:
Hi,
Any reason why INIT_PG_BYPASS_ROLE_LOGIN is not 0x0003?
Please forget about it ;-)
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
Hi,
On 10/10/23 7:58 AM, Michael Paquier wrote:
On Tue, Oct 10, 2023 at 06:57:05AM +0200, Drouvot, Bertrand wrote:
Please find attached v9 (v8 rebase due to f483b2090).
I was looking at v8 just before you sent this v9, and still got
annoyed by the extra boolean argument added to InitPostgres(
On Tue, Oct 10, 2023 at 06:57:05AM +0200, Drouvot, Bertrand wrote:
> Please find attached v9 (v8 rebase due to f483b2090).
I was looking at v8 just before you sent this v9, and still got
annoyed by the extra boolean argument added to InitPostgres(). So
please let me propose to bite the bullet and
Hi,
On 10/6/23 8:48 AM, Drouvot, Bertrand wrote:
Hi,
On 10/5/23 6:23 PM, Bharath Rupireddy wrote:
On Thu, Oct 5, 2023 at 9:32 PM Drouvot, Bertrand
wrote:
+ CREATE ROLE nologrole with nologin;
+ GRANT CREATE ON DATABASE mydb TO nologrole;
A few nit-picks:
1. s/with/WITH
2. s/nologin/NOL
On Mon, Oct 09, 2023 at 11:11:58PM -0400, Tom Lane wrote:
> Michael Paquier writes:
>> Saying that, I'm OK with just dropping this query, as it could also be
>> possible that one decides that calling pgstat_bestart() before the
>> datallowconn check is a good idea for a reason or another.
>
> Not
Michael Paquier writes:
> On Mon, Oct 09, 2023 at 12:20:18PM -0400, Tom Lane wrote:
>> There will be a window where the worker has logged "database
>> "noconndb" is not currently accepting connections" but hasn't yet
>> exited, so that conceivably this query could see a positive count.
> I don't
On Mon, Oct 09, 2023 at 12:20:18PM -0400, Tom Lane wrote:
> There will be a window where the worker has logged "database
> "noconndb" is not currently accepting connections" but hasn't yet
> exited, so that conceivably this query could see a positive count.
I don't think that's possible here. The
Michael Paquier writes:
> Another thing is that we cannot rely on the PID returned by launch()
> as it could fail, so $worker3_pid needs to disappear. If we do that,
> I'd rather just switch to a specific database for the tests with
> ALLOWCONN rather than reuse "mydb" that could have other worke
On Sun, Oct 08, 2023 at 05:48:55PM -0400, Tom Lane wrote:
> There have been intermittent failures on various buildfarm machines
> since this went in. After seeing one on my own animal mamba [1],
> I tried to reproduce it manually on that machine, and it does
> indeed fail about one time in two. T
Michael Paquier writes:
> On Fri, Oct 06, 2023 at 03:29:28PM +0900, Michael Paquier wrote:
>> Andres, are there logs for this TAP test on serinus? Or perhaps there
>> is a core file that could be looked at? The other animals are not
>> showing anything for the moment.
> Well, it looks OK. Stil
On Fri, Oct 06, 2023 at 03:29:28PM +0900, Michael Paquier wrote:
> Andres, are there logs for this TAP test on serinus? Or perhaps there
> is a core file that could be looked at? The other animals are not
> showing anything for the moment.
serinus has reported back once again, and just returned
Hi,
On 10/5/23 6:23 PM, Bharath Rupireddy wrote:
On Thu, Oct 5, 2023 at 9:32 PM Drouvot, Bertrand
wrote:
+ CREATE ROLE nologrole with nologin;
+ GRANT CREATE ON DATABASE mydb TO nologrole;
A few nit-picks:
1. s/with/WITH
2. s/nologin/NOLOGIN
done in v8 attached.
3. + is specified a
On Fri, Oct 06, 2023 at 09:09:10AM +0900, Michael Paquier wrote:
> I am not completely sure what you mean here. We've never supported
> load_session_libraries for background workers, and I'm not quite sure
> that there is a case for it. FWIW, my idea around that would be to
> have two separate se
On Thu, Oct 05, 2023 at 05:51:31PM +0530, Bharath Rupireddy wrote:
> I think changing BGWORKER_BYPASS_ALLOWCONN to 0x0001 and having bits32
> for InitPostgres inputs load_session_libraries and
> override_allow_connections can be 0001 in this patch series so that it
> can go first, no? This avoids t
On Thu, Oct 05, 2023 at 05:51:31PM +0530, Bharath Rupireddy wrote:
> I think changing BGWORKER_BYPASS_ALLOWCONN to 0x0001 and having bits32
> for InitPostgres inputs load_session_libraries and
> override_allow_connections can be 0001 in this patch series so that it
> can go first, no? This avoids t
On Thu, Oct 5, 2023 at 9:32 PM Drouvot, Bertrand
wrote:
>
> + CREATE ROLE nologrole with nologin;
> + GRANT CREATE ON DATABASE mydb TO nologrole;
A few nit-picks:
1. s/with/WITH
2. s/nologin/NOLOGIN
3. + is specified as flags it is possible to
bypass the login check to connect to databases.
Hi,
On 10/5/23 2:21 PM, Bharath Rupireddy wrote:
On Thu, Oct 5, 2023 at 12:22 PM Drouvot, Bertrand
wrote:
A comment on v6-0002:
1.
+ CREATE ROLE nologrole with nologin;
+ ALTER ROLE nologrole with superuser;
+]);
We don't need superuser privileges here, do we? Or do we need it for
the work
On Thu, Oct 5, 2023 at 12:22 PM Drouvot, Bertrand
wrote:
>
> >
> > @@ -719,6 +719,7 @@ InitPostgres(const char *in_dbname, Oid dboid,
> >const char *username, Oid useroid,
> >bool load_session_libraries,
> >bool override_allow
Hi,
On 10/5/23 7:10 AM, Michael Paquier wrote:
On Wed, Oct 04, 2023 at 12:54:24PM +0200, Drouvot, Bertrand wrote:
Except the Nit that I mentioned in 0001, that looks all good to me (with the
new wait in 001_worker_spi.pl).
Thanks, I've applied the refactoring, including in it the stuff to be
On Wed, Oct 04, 2023 at 12:54:24PM +0200, Drouvot, Bertrand wrote:
> Except the Nit that I mentioned in 0001, that looks all good to me (with the
> new wait in 001_worker_spi.pl).
Thanks, I've applied the refactoring, including in it the stuff to be
able to control the flags used when launching a
Hi,
On 10/4/23 8:20 AM, Michael Paquier wrote:
On Mon, Oct 02, 2023 at 10:53:22AM +0200, Drouvot, Bertrand wrote:
On 10/2/23 10:17 AM, Michael Paquier wrote:
On Mon, Oct 02, 2023 at 10:01:04AM +0200, Drouvot, Bertrand wrote:
I think that would make sense to have more flexibility in the worker
On Mon, Oct 02, 2023 at 10:53:22AM +0200, Drouvot, Bertrand wrote:
> On 10/2/23 10:17 AM, Michael Paquier wrote:
>> On Mon, Oct 02, 2023 at 10:01:04AM +0200, Drouvot, Bertrand wrote:
>>> I think that would make sense to have more flexibility in the worker_spi
>>> module. I think that could be done
On Tue, Oct 03, 2023 at 07:02:11PM +0530, Bharath Rupireddy wrote:
> On Tue, Oct 3, 2023 at 5:45 PM Drouvot, Bertrand
> wrote:
>> I did some research and BGWORKER_BYPASS_ALLOWCONN has been added in
>> eed1ce72e1 and
>> at that time the bgw_flags did already exist.
>>
>> In this the related thread
On Tue, Oct 3, 2023 at 5:45 PM Drouvot, Bertrand
wrote:
>
> > While I like the idea of the flag to skip login checks for bg workers,
> > I don't quite like the APIs being changes InitializeSessionUserId and
> > InitPostgres (adding a new input parameter),
> > BackgroundWorkerInitializeConnection a
Hi,
On 10/3/23 11:21 AM, Bharath Rupireddy wrote:
On Mon, Oct 2, 2023 at 4:58 PM Drouvot, Bertrand
wrote:
On 9/29/23 8:19 AM, Michael Paquier wrote:
On Thu, Sep 28, 2023 at 02:37:02PM +0200, Drouvot, Bertrand wrote:
This patch allows the role provided in BackgroundWorkerInitializeConnection
On Mon, Oct 2, 2023 at 4:58 PM Drouvot, Bertrand
wrote:
>
> On 9/29/23 8:19 AM, Michael Paquier wrote:
> > On Thu, Sep 28, 2023 at 02:37:02PM +0200, Drouvot, Bertrand wrote:
> >> This patch allows the role provided in
> >> BackgroundWorkerInitializeConnection()
> >> and BackgroundWorkerInitialize
Hi,
On 10/2/23 10:17 AM, Michael Paquier wrote:
On Mon, Oct 02, 2023 at 10:01:04AM +0200, Drouvot, Bertrand wrote:
I think that would make sense to have more flexibility in the worker_spi
module. I think that could be done in a dedicated patch though. I
think it makes more sense to have the cur
On Mon, Oct 02, 2023 at 10:01:04AM +0200, Drouvot, Bertrand wrote:
> I think that would make sense to have more flexibility in the worker_spi
> module. I think that could be done in a dedicated patch though. I
> think it makes more sense to have the current patch "focusing" on
> this new flag (whil
Hi,
On 9/29/23 8:19 AM, Michael Paquier wrote:
On Thu, Sep 28, 2023 at 02:37:02PM +0200, Drouvot, Bertrand wrote:
This patch allows the role provided in BackgroundWorkerInitializeConnection()
and BackgroundWorkerInitializeConnectionByOid() to lack login authorization.
Interesting. Yes, there
On Thu, Sep 28, 2023 at 02:37:02PM +0200, Drouvot, Bertrand wrote:
> This patch allows the role provided in BackgroundWorkerInitializeConnection()
> and BackgroundWorkerInitializeConnectionByOid() to lack login authorization.
Interesting. Yes, there would be use cases for that, I suppose.
> +
Hi hackers,
Please find attached a patch proposal to $SUBJECT.
This patch allows the role provided in BackgroundWorkerInitializeConnection()
and BackgroundWorkerInitializeConnectionByOid() to lack login authorization.
In InitPostgres(), in case of a background worker, authentication is not
per
41 matches
Mail list logo
