2003-11-13 23:13:39 +01:00
|
|
|
/*
|
|
|
|
* PostgreSQL System Views
|
|
|
|
*
|
2016-01-02 19:33:40 +01:00
|
|
|
* Copyright (c) 1996-2016, PostgreSQL Global Development Group
|
2003-11-13 23:13:39 +01:00
|
|
|
*
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/backend/catalog/system_views.sql
|
Adjust behavior of single-user -j mode for better initdb error reporting.
Previously, -j caused the entire input file to be read in and executed as
a single command string. That's undesirable, not least because any error
causes the entire file to be regurgitated as the "failing query". Some
experimentation suggests a better rule: end the command string when we see
a semicolon immediately followed by two newlines, ie, an empty line after
a query. This serves nicely to break up the existing examples such as
information_schema.sql and system_views.sql. A limitation is that it's
no longer possible to write such a sequence within a string literal or
multiline comment in a file meant to be read with -j; but there are no
instances of such a problem within the data currently used by initdb.
(If someone does make such a mistake in future, it'll be obvious because
they'll get an unterminated-literal or unterminated-comment syntax error.)
Other than that, there shouldn't be any negative consequences; you're not
forced to end statements that way, it's just a better idea in most cases.
In passing, remove src/include/tcop/tcopdebug.h, which is dead code
because it's not included anywhere, and hasn't been for more than
ten years. One of the debug-support symbols it purported to describe
has been unreferenced for at least the same amount of time, and the
other is removed by this commit on the grounds that it was useless:
forcing -j mode all the time would have broken initdb. The lack of
complaints about that, or about the missing inclusion, shows that
no one has tried to use TCOP_DONTUSENEWLINE in many years.
2015-12-18 01:34:15 +01:00
|
|
|
*
|
|
|
|
* Note: this file is read in single-user -j mode, which means that the
|
|
|
|
* command terminator is semicolon-newline-newline; whenever the backend
|
|
|
|
* sees that, it stops and executes what it's got. If you write a lot of
|
|
|
|
* statements without empty lines between, they'll all get quoted to you
|
|
|
|
* in any error message about one of them, so don't do that. Also, you
|
|
|
|
* cannot write a semicolon immediately followed by an empty line in a
|
|
|
|
* string literal (including a function body!) or a multiline comment.
|
2003-11-13 23:13:39 +01:00
|
|
|
*/
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_roles AS
|
|
|
|
SELECT
|
2005-06-28 07:09:14 +02:00
|
|
|
rolname,
|
2014-12-23 19:35:49 +01:00
|
|
|
rolsuper,
|
|
|
|
rolinherit,
|
|
|
|
rolcreaterole,
|
|
|
|
rolcreatedb,
|
|
|
|
rolcanlogin,
|
|
|
|
rolreplication,
|
2005-07-31 19:19:22 +02:00
|
|
|
rolconnlimit,
|
2005-06-28 07:09:14 +02:00
|
|
|
'********'::text as rolpassword,
|
|
|
|
rolvaliduntil,
|
2014-12-23 19:35:49 +01:00
|
|
|
rolbypassrls,
|
2009-10-08 00:14:26 +02:00
|
|
|
setconfig as rolconfig,
|
|
|
|
pg_authid.oid
|
|
|
|
FROM pg_authid LEFT JOIN pg_db_role_setting s
|
|
|
|
ON (pg_authid.oid = setrole AND setdatabase = 0);
|
2005-06-28 07:09:14 +02:00
|
|
|
|
|
|
|
CREATE VIEW pg_shadow AS
|
|
|
|
SELECT
|
|
|
|
rolname AS usename,
|
2009-10-08 00:14:26 +02:00
|
|
|
pg_authid.oid AS usesysid,
|
2014-12-23 19:35:49 +01:00
|
|
|
rolcreatedb AS usecreatedb,
|
|
|
|
rolsuper AS usesuper,
|
|
|
|
rolreplication AS userepl,
|
2015-01-29 03:47:15 +01:00
|
|
|
rolbypassrls AS usebypassrls,
|
2005-06-28 07:09:14 +02:00
|
|
|
rolpassword AS passwd,
|
|
|
|
rolvaliduntil::abstime AS valuntil,
|
2009-10-08 00:14:26 +02:00
|
|
|
setconfig AS useconfig
|
|
|
|
FROM pg_authid LEFT JOIN pg_db_role_setting s
|
|
|
|
ON (pg_authid.oid = setrole AND setdatabase = 0)
|
2014-12-23 19:35:49 +01:00
|
|
|
WHERE rolcanlogin;
|
2005-06-28 07:09:14 +02:00
|
|
|
|
|
|
|
REVOKE ALL on pg_shadow FROM public;
|
|
|
|
|
|
|
|
CREATE VIEW pg_group AS
|
|
|
|
SELECT
|
|
|
|
rolname AS groname,
|
|
|
|
oid AS grosysid,
|
|
|
|
ARRAY(SELECT member FROM pg_auth_members WHERE roleid = oid) AS grolist
|
|
|
|
FROM pg_authid
|
2014-12-23 19:35:49 +01:00
|
|
|
WHERE NOT rolcanlogin;
|
2005-06-28 07:09:14 +02:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_user AS
|
|
|
|
SELECT
|
|
|
|
usename,
|
|
|
|
usesysid,
|
|
|
|
usecreatedb,
|
|
|
|
usesuper,
|
2010-12-29 11:05:03 +01:00
|
|
|
userepl,
|
2015-01-29 03:47:15 +01:00
|
|
|
usebypassrls,
|
2010-11-23 21:27:50 +01:00
|
|
|
'********'::text as passwd,
|
|
|
|
valuntil,
|
|
|
|
useconfig
|
2003-11-13 23:13:39 +01:00
|
|
|
FROM pg_shadow;
|
|
|
|
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
CREATE VIEW pg_policies AS
|
|
|
|
SELECT
|
2014-10-03 22:31:53 +02:00
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS tablename,
|
Rename pg_rowsecurity -> pg_policy and other fixes
As pointed out by Robert, we should really have named pg_rowsecurity
pg_policy, as the objects stored in that catalog are policies. This
patch fixes that and updates the column names to start with 'pol' to
match the new catalog name.
The security consideration for COPY with row level security, also
pointed out by Robert, has also been addressed by remembering and
re-checking the OID of the relation initially referenced during COPY
processing, to make sure it hasn't changed under us by the time we
finish planning out the query which has been built.
Robert and Alvaro also commented on missing OCLASS and OBJECT entries
for POLICY (formerly ROWSECURITY or POLICY, depending) in various
places. This patch fixes that too, which also happens to add the
ability to COMMENT on policies.
In passing, attempt to improve the consistency of messages, comments,
and documentation as well. This removes various incarnations of
'row-security', 'row-level security', 'Row-security', etc, in favor
of 'policy', 'row level security' or 'row_security' as appropriate.
Happy Thanksgiving!
2014-11-27 07:06:36 +01:00
|
|
|
pol.polname AS policyname,
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
CASE
|
Rename pg_rowsecurity -> pg_policy and other fixes
As pointed out by Robert, we should really have named pg_rowsecurity
pg_policy, as the objects stored in that catalog are policies. This
patch fixes that and updates the column names to start with 'pol' to
match the new catalog name.
The security consideration for COPY with row level security, also
pointed out by Robert, has also been addressed by remembering and
re-checking the OID of the relation initially referenced during COPY
processing, to make sure it hasn't changed under us by the time we
finish planning out the query which has been built.
Robert and Alvaro also commented on missing OCLASS and OBJECT entries
for POLICY (formerly ROWSECURITY or POLICY, depending) in various
places. This patch fixes that too, which also happens to add the
ability to COMMENT on policies.
In passing, attempt to improve the consistency of messages, comments,
and documentation as well. This removes various incarnations of
'row-security', 'row-level security', 'Row-security', etc, in favor
of 'policy', 'row level security' or 'row_security' as appropriate.
Happy Thanksgiving!
2014-11-27 07:06:36 +01:00
|
|
|
WHEN pol.polroles = '{0}' THEN
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
string_to_array('public', '')
|
|
|
|
ELSE
|
|
|
|
ARRAY
|
|
|
|
(
|
|
|
|
SELECT rolname
|
|
|
|
FROM pg_catalog.pg_authid
|
Rename pg_rowsecurity -> pg_policy and other fixes
As pointed out by Robert, we should really have named pg_rowsecurity
pg_policy, as the objects stored in that catalog are policies. This
patch fixes that and updates the column names to start with 'pol' to
match the new catalog name.
The security consideration for COPY with row level security, also
pointed out by Robert, has also been addressed by remembering and
re-checking the OID of the relation initially referenced during COPY
processing, to make sure it hasn't changed under us by the time we
finish planning out the query which has been built.
Robert and Alvaro also commented on missing OCLASS and OBJECT entries
for POLICY (formerly ROWSECURITY or POLICY, depending) in various
places. This patch fixes that too, which also happens to add the
ability to COMMENT on policies.
In passing, attempt to improve the consistency of messages, comments,
and documentation as well. This removes various incarnations of
'row-security', 'row-level security', 'Row-security', etc, in favor
of 'policy', 'row level security' or 'row_security' as appropriate.
Happy Thanksgiving!
2014-11-27 07:06:36 +01:00
|
|
|
WHERE oid = ANY (pol.polroles) ORDER BY 1
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
)
|
|
|
|
END AS roles,
|
2015-01-24 22:16:22 +01:00
|
|
|
CASE pol.polcmd
|
|
|
|
WHEN 'r' THEN 'SELECT'
|
|
|
|
WHEN 'a' THEN 'INSERT'
|
|
|
|
WHEN 'w' THEN 'UPDATE'
|
|
|
|
WHEN 'd' THEN 'DELETE'
|
|
|
|
WHEN '*' THEN 'ALL'
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
END AS cmd,
|
Rename pg_rowsecurity -> pg_policy and other fixes
As pointed out by Robert, we should really have named pg_rowsecurity
pg_policy, as the objects stored in that catalog are policies. This
patch fixes that and updates the column names to start with 'pol' to
match the new catalog name.
The security consideration for COPY with row level security, also
pointed out by Robert, has also been addressed by remembering and
re-checking the OID of the relation initially referenced during COPY
processing, to make sure it hasn't changed under us by the time we
finish planning out the query which has been built.
Robert and Alvaro also commented on missing OCLASS and OBJECT entries
for POLICY (formerly ROWSECURITY or POLICY, depending) in various
places. This patch fixes that too, which also happens to add the
ability to COMMENT on policies.
In passing, attempt to improve the consistency of messages, comments,
and documentation as well. This removes various incarnations of
'row-security', 'row-level security', 'Row-security', etc, in favor
of 'policy', 'row level security' or 'row_security' as appropriate.
Happy Thanksgiving!
2014-11-27 07:06:36 +01:00
|
|
|
pg_catalog.pg_get_expr(pol.polqual, pol.polrelid) AS qual,
|
|
|
|
pg_catalog.pg_get_expr(pol.polwithcheck, pol.polrelid) AS with_check
|
|
|
|
FROM pg_catalog.pg_policy pol
|
|
|
|
JOIN pg_catalog.pg_class C ON (C.oid = pol.polrelid)
|
2014-10-03 22:31:53 +02:00
|
|
|
LEFT JOIN pg_catalog.pg_namespace N ON (N.oid = C.relnamespace);
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_rules AS
|
|
|
|
SELECT
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS tablename,
|
|
|
|
R.rulename AS rulename,
|
|
|
|
pg_get_ruledef(R.oid) AS definition
|
|
|
|
FROM (pg_rewrite R JOIN pg_class C ON (C.oid = R.ev_class))
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2003-11-13 23:13:39 +01:00
|
|
|
WHERE R.rulename != '_RETURN';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_views AS
|
|
|
|
SELECT
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS viewname,
|
|
|
|
pg_get_userbyid(C.relowner) AS viewowner,
|
|
|
|
pg_get_viewdef(C.oid) AS definition
|
|
|
|
FROM pg_class C LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2003-11-13 23:13:39 +01:00
|
|
|
WHERE C.relkind = 'v';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_tables AS
|
|
|
|
SELECT
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS tablename,
|
|
|
|
pg_get_userbyid(C.relowner) AS tableowner,
|
2004-10-11 19:24:41 +02:00
|
|
|
T.spcname AS tablespace,
|
2010-11-23 21:27:50 +01:00
|
|
|
C.relhasindex AS hasindexes,
|
|
|
|
C.relhasrules AS hasrules,
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
C.relhastriggers AS hastriggers,
|
Code review for row security.
Buildfarm member tick identified an issue where the policies in the
relcache for a relation were were being replaced underneath a running
query, leading to segfaults while processing the policies to be added
to a query. Similar to how TupleDesc RuleLocks are handled, add in a
equalRSDesc() function to check if the policies have actually changed
and, if not, swap back the rsdesc field (using the original instead of
the temporairly built one; the whole structure is swapped and then
specific fields swapped back). This now passes a CLOBBER_CACHE_ALWAYS
for me and should resolve the buildfarm error.
In addition to addressing this, add a new chapter in Data Definition
under Privileges which explains row security and provides examples of
its usage, change \d to always list policies (even if row security is
disabled- but note that it is disabled, or enabled with no policies),
rework check_role_for_policy (it really didn't need the entire policy,
but it did need to be using has_privs_of_role()), and change the field
in pg_class to relrowsecurity from relhasrowsecurity, based on
Heikki's suggestion. Also from Heikki, only issue SET ROW_SECURITY in
pg_restore when talking to a 9.5+ server, list Bypass RLS in \du, and
document --enable-row-security options for pg_dump and pg_restore.
Lastly, fix a number of minor whitespace and typo issues from Heikki,
Dimitri, add a missing #include, per Peter E, fix a few minor
variable-assigned-but-not-used and resource leak issues from Coverity
and add tab completion for role attribute bypassrls as well.
2014-09-24 22:32:22 +02:00
|
|
|
C.relrowsecurity AS rowsecurity
|
2010-11-23 21:27:50 +01:00
|
|
|
FROM pg_class C LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2004-07-21 22:43:53 +02:00
|
|
|
LEFT JOIN pg_tablespace T ON (T.oid = C.reltablespace)
|
2003-11-13 23:13:39 +01:00
|
|
|
WHERE C.relkind = 'r';
|
|
|
|
|
2013-03-04 01:23:31 +01:00
|
|
|
CREATE VIEW pg_matviews AS
|
|
|
|
SELECT
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS matviewname,
|
|
|
|
pg_get_userbyid(C.relowner) AS matviewowner,
|
|
|
|
T.spcname AS tablespace,
|
|
|
|
C.relhasindex AS hasindexes,
|
2013-05-06 19:26:51 +02:00
|
|
|
C.relispopulated AS ispopulated,
|
2013-03-04 01:23:31 +01:00
|
|
|
pg_get_viewdef(C.oid) AS definition
|
|
|
|
FROM pg_class C LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
|
|
|
LEFT JOIN pg_tablespace T ON (T.oid = C.reltablespace)
|
|
|
|
WHERE C.relkind = 'm';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_indexes AS
|
|
|
|
SELECT
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS tablename,
|
|
|
|
I.relname AS indexname,
|
2004-10-11 19:24:41 +02:00
|
|
|
T.spcname AS tablespace,
|
2010-11-23 21:27:50 +01:00
|
|
|
pg_get_indexdef(I.oid) AS indexdef
|
|
|
|
FROM pg_index X JOIN pg_class C ON (C.oid = X.indrelid)
|
|
|
|
JOIN pg_class I ON (I.oid = X.indexrelid)
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2004-10-11 19:24:41 +02:00
|
|
|
LEFT JOIN pg_tablespace T ON (T.oid = I.reltablespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 'm') AND I.relkind = 'i';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2015-07-28 22:21:22 +02:00
|
|
|
CREATE VIEW pg_stats WITH (security_barrier) AS
|
2010-11-23 21:27:50 +01:00
|
|
|
SELECT
|
|
|
|
nspname AS schemaname,
|
|
|
|
relname AS tablename,
|
|
|
|
attname AS attname,
|
|
|
|
stainherit AS inherited,
|
|
|
|
stanullfrac AS null_frac,
|
|
|
|
stawidth AS avg_width,
|
|
|
|
stadistinct AS n_distinct,
|
2008-07-14 02:51:46 +02:00
|
|
|
CASE
|
2012-03-04 02:20:19 +01:00
|
|
|
WHEN stakind1 = 1 THEN stavalues1
|
|
|
|
WHEN stakind2 = 1 THEN stavalues2
|
|
|
|
WHEN stakind3 = 1 THEN stavalues3
|
|
|
|
WHEN stakind4 = 1 THEN stavalues4
|
|
|
|
WHEN stakind5 = 1 THEN stavalues5
|
2008-07-14 02:51:46 +02:00
|
|
|
END AS most_common_vals,
|
|
|
|
CASE
|
2012-03-04 02:20:19 +01:00
|
|
|
WHEN stakind1 = 1 THEN stanumbers1
|
|
|
|
WHEN stakind2 = 1 THEN stanumbers2
|
|
|
|
WHEN stakind3 = 1 THEN stanumbers3
|
|
|
|
WHEN stakind4 = 1 THEN stanumbers4
|
|
|
|
WHEN stakind5 = 1 THEN stanumbers5
|
2008-07-14 02:51:46 +02:00
|
|
|
END AS most_common_freqs,
|
|
|
|
CASE
|
|
|
|
WHEN stakind1 = 2 THEN stavalues1
|
|
|
|
WHEN stakind2 = 2 THEN stavalues2
|
|
|
|
WHEN stakind3 = 2 THEN stavalues3
|
|
|
|
WHEN stakind4 = 2 THEN stavalues4
|
2012-03-04 02:20:19 +01:00
|
|
|
WHEN stakind5 = 2 THEN stavalues5
|
2008-07-14 02:51:46 +02:00
|
|
|
END AS histogram_bounds,
|
|
|
|
CASE
|
|
|
|
WHEN stakind1 = 3 THEN stanumbers1[1]
|
|
|
|
WHEN stakind2 = 3 THEN stanumbers2[1]
|
|
|
|
WHEN stakind3 = 3 THEN stanumbers3[1]
|
|
|
|
WHEN stakind4 = 3 THEN stanumbers4[1]
|
2012-03-04 02:20:19 +01:00
|
|
|
WHEN stakind5 = 3 THEN stanumbers5[1]
|
|
|
|
END AS correlation,
|
|
|
|
CASE
|
|
|
|
WHEN stakind1 = 4 THEN stavalues1
|
|
|
|
WHEN stakind2 = 4 THEN stavalues2
|
|
|
|
WHEN stakind3 = 4 THEN stavalues3
|
|
|
|
WHEN stakind4 = 4 THEN stavalues4
|
|
|
|
WHEN stakind5 = 4 THEN stavalues5
|
|
|
|
END AS most_common_elems,
|
|
|
|
CASE
|
|
|
|
WHEN stakind1 = 4 THEN stanumbers1
|
|
|
|
WHEN stakind2 = 4 THEN stanumbers2
|
|
|
|
WHEN stakind3 = 4 THEN stanumbers3
|
|
|
|
WHEN stakind4 = 4 THEN stanumbers4
|
|
|
|
WHEN stakind5 = 4 THEN stanumbers5
|
|
|
|
END AS most_common_elem_freqs,
|
|
|
|
CASE
|
|
|
|
WHEN stakind1 = 5 THEN stanumbers1
|
|
|
|
WHEN stakind2 = 5 THEN stanumbers2
|
|
|
|
WHEN stakind3 = 5 THEN stanumbers3
|
|
|
|
WHEN stakind4 = 5 THEN stanumbers4
|
|
|
|
WHEN stakind5 = 5 THEN stanumbers5
|
|
|
|
END AS elem_count_histogram
|
2010-11-23 21:27:50 +01:00
|
|
|
FROM pg_statistic s JOIN pg_class c ON (c.oid = s.starelid)
|
|
|
|
JOIN pg_attribute a ON (c.oid = attrelid AND attnum = s.staattnum)
|
|
|
|
LEFT JOIN pg_namespace n ON (n.oid = c.relnamespace)
|
2015-07-28 22:21:22 +02:00
|
|
|
WHERE NOT attisdropped
|
|
|
|
AND has_column_privilege(c.oid, a.attnum, 'select')
|
|
|
|
AND (c.relrowsecurity = false OR NOT row_security_active(c.oid));
|
2003-11-13 23:13:39 +01:00
|
|
|
|
|
|
|
REVOKE ALL on pg_statistic FROM public;
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_locks AS
|
2008-09-21 21:38:56 +02:00
|
|
|
SELECT * FROM pg_lock_status() AS L;
|
2005-06-18 00:32:51 +02:00
|
|
|
|
2006-01-18 07:49:30 +01:00
|
|
|
CREATE VIEW pg_cursors AS
|
2008-09-21 21:38:56 +02:00
|
|
|
SELECT * FROM pg_cursor() AS C;
|
2006-01-18 07:49:30 +01:00
|
|
|
|
2011-02-08 22:08:41 +01:00
|
|
|
CREATE VIEW pg_available_extensions AS
|
2011-02-14 22:07:00 +01:00
|
|
|
SELECT E.name, E.default_version, X.extversion AS installed_version,
|
|
|
|
E.comment
|
2011-02-08 22:08:41 +01:00
|
|
|
FROM pg_available_extensions() AS E
|
2011-02-14 22:07:00 +01:00
|
|
|
LEFT JOIN pg_extension AS X ON E.name = X.extname;
|
|
|
|
|
|
|
|
CREATE VIEW pg_available_extension_versions AS
|
|
|
|
SELECT E.name, E.version, (X.extname IS NOT NULL) AS installed,
|
2011-03-04 22:08:24 +01:00
|
|
|
E.superuser, E.relocatable, E.schema, E.requires, E.comment
|
2011-02-14 22:07:00 +01:00
|
|
|
FROM pg_available_extension_versions() AS E
|
|
|
|
LEFT JOIN pg_extension AS X
|
|
|
|
ON E.name = X.extname AND E.version = X.extversion;
|
2011-02-08 22:08:41 +01:00
|
|
|
|
2005-06-18 00:32:51 +02:00
|
|
|
CREATE VIEW pg_prepared_xacts AS
|
2005-06-18 21:33:42 +02:00
|
|
|
SELECT P.transaction, P.gid, P.prepared,
|
2005-06-28 07:09:14 +02:00
|
|
|
U.rolname AS owner, D.datname AS database
|
2005-06-18 00:32:51 +02:00
|
|
|
FROM pg_prepared_xact() AS P
|
2005-06-28 07:09:14 +02:00
|
|
|
LEFT JOIN pg_authid U ON P.ownerid = U.oid
|
2005-06-18 21:33:42 +02:00
|
|
|
LEFT JOIN pg_database D ON P.dbid = D.oid;
|
2005-06-18 00:32:51 +02:00
|
|
|
|
2006-01-08 08:00:27 +01:00
|
|
|
CREATE VIEW pg_prepared_statements AS
|
2008-09-21 21:38:56 +02:00
|
|
|
SELECT * FROM pg_prepared_statement() AS P;
|
2006-01-08 08:00:27 +01:00
|
|
|
|
2010-09-28 02:55:27 +02:00
|
|
|
CREATE VIEW pg_seclabels AS
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
CASE WHEN rel.relkind = 'r' THEN 'table'::text
|
2011-01-02 05:48:11 +01:00
|
|
|
WHEN rel.relkind = 'v' THEN 'view'::text
|
2013-03-04 01:23:31 +01:00
|
|
|
WHEN rel.relkind = 'm' THEN 'materialized view'::text
|
2011-01-02 05:48:11 +01:00
|
|
|
WHEN rel.relkind = 'S' THEN 'sequence'::text
|
|
|
|
WHEN rel.relkind = 'f' THEN 'foreign table'::text END AS objtype,
|
2010-09-28 02:55:27 +02:00
|
|
|
rel.relnamespace AS objnamespace,
|
|
|
|
CASE WHEN pg_table_is_visible(rel.oid)
|
|
|
|
THEN quote_ident(rel.relname)
|
|
|
|
ELSE quote_ident(nsp.nspname) || '.' || quote_ident(rel.relname)
|
|
|
|
END AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_class rel ON l.classoid = rel.tableoid AND l.objoid = rel.oid
|
|
|
|
JOIN pg_namespace nsp ON rel.relnamespace = nsp.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
'column'::text AS objtype,
|
|
|
|
rel.relnamespace AS objnamespace,
|
|
|
|
CASE WHEN pg_table_is_visible(rel.oid)
|
|
|
|
THEN quote_ident(rel.relname)
|
|
|
|
ELSE quote_ident(nsp.nspname) || '.' || quote_ident(rel.relname)
|
|
|
|
END || '.' || att.attname AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_class rel ON l.classoid = rel.tableoid AND l.objoid = rel.oid
|
|
|
|
JOIN pg_attribute att
|
|
|
|
ON rel.oid = att.attrelid AND l.objsubid = att.attnum
|
|
|
|
JOIN pg_namespace nsp ON rel.relnamespace = nsp.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid != 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
CASE WHEN pro.proisagg = true THEN 'aggregate'::text
|
|
|
|
WHEN pro.proisagg = false THEN 'function'::text
|
|
|
|
END AS objtype,
|
|
|
|
pro.pronamespace AS objnamespace,
|
|
|
|
CASE WHEN pg_function_is_visible(pro.oid)
|
|
|
|
THEN quote_ident(pro.proname)
|
|
|
|
ELSE quote_ident(nsp.nspname) || '.' || quote_ident(pro.proname)
|
|
|
|
END || '(' || pg_catalog.pg_get_function_arguments(pro.oid) || ')' AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_proc pro ON l.classoid = pro.tableoid AND l.objoid = pro.oid
|
|
|
|
JOIN pg_namespace nsp ON pro.pronamespace = nsp.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
CASE WHEN typ.typtype = 'd' THEN 'domain'::text
|
|
|
|
ELSE 'type'::text END AS objtype,
|
|
|
|
typ.typnamespace AS objnamespace,
|
|
|
|
CASE WHEN pg_type_is_visible(typ.oid)
|
|
|
|
THEN quote_ident(typ.typname)
|
|
|
|
ELSE quote_ident(nsp.nspname) || '.' || quote_ident(typ.typname)
|
|
|
|
END AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_type typ ON l.classoid = typ.tableoid AND l.objoid = typ.oid
|
|
|
|
JOIN pg_namespace nsp ON typ.typnamespace = nsp.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
'large object'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
l.objoid::text AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_largeobject_metadata lom ON l.objoid = lom.oid
|
|
|
|
WHERE
|
|
|
|
l.classoid = 'pg_catalog.pg_largeobject'::regclass AND l.objsubid = 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
'language'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
quote_ident(lan.lanname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_language lan ON l.classoid = lan.tableoid AND l.objoid = lan.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
'schema'::text AS objtype,
|
|
|
|
nsp.oid AS objnamespace,
|
|
|
|
quote_ident(nsp.nspname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_namespace nsp ON l.classoid = nsp.tableoid AND l.objoid = nsp.oid
|
|
|
|
WHERE
|
2011-07-20 19:18:24 +02:00
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
2012-07-18 16:16:16 +02:00
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, l.objsubid,
|
|
|
|
'event trigger'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
quote_ident(evt.evtname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_seclabel l
|
|
|
|
JOIN pg_event_trigger evt ON l.classoid = evt.tableoid
|
|
|
|
AND l.objoid = evt.oid
|
|
|
|
WHERE
|
|
|
|
l.objsubid = 0
|
|
|
|
UNION ALL
|
2011-07-20 19:18:24 +02:00
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, 0::int4 AS objsubid,
|
|
|
|
'database'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
quote_ident(dat.datname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_shseclabel l
|
|
|
|
JOIN pg_database dat ON l.classoid = dat.tableoid AND l.objoid = dat.oid
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, 0::int4 AS objsubid,
|
|
|
|
'tablespace'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
quote_ident(spc.spcname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_shseclabel l
|
|
|
|
JOIN pg_tablespace spc ON l.classoid = spc.tableoid AND l.objoid = spc.oid
|
|
|
|
UNION ALL
|
|
|
|
SELECT
|
|
|
|
l.objoid, l.classoid, 0::int4 AS objsubid,
|
|
|
|
'role'::text AS objtype,
|
|
|
|
NULL::oid AS objnamespace,
|
|
|
|
quote_ident(rol.rolname) AS objname,
|
|
|
|
l.provider, l.label
|
|
|
|
FROM
|
|
|
|
pg_shseclabel l
|
|
|
|
JOIN pg_authid rol ON l.classoid = rol.tableoid AND l.objoid = rol.oid;
|
2010-09-28 02:55:27 +02:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_settings AS
|
|
|
|
SELECT * FROM pg_show_all_settings() AS A;
|
2005-06-18 00:32:51 +02:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE RULE pg_settings_u AS
|
|
|
|
ON UPDATE TO pg_settings
|
|
|
|
WHERE new.name = old.name DO
|
2005-06-18 00:32:51 +02:00
|
|
|
SELECT set_config(old.name, new.setting, 'f');
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE RULE pg_settings_n AS
|
|
|
|
ON UPDATE TO pg_settings
|
2005-06-18 00:32:51 +02:00
|
|
|
DO INSTEAD NOTHING;
|
|
|
|
|
|
|
|
GRANT SELECT, UPDATE ON pg_settings TO PUBLIC;
|
|
|
|
|
2015-05-09 01:09:26 +02:00
|
|
|
CREATE VIEW pg_file_settings AS
|
|
|
|
SELECT * FROM pg_show_all_file_settings() AS A;
|
|
|
|
|
|
|
|
REVOKE ALL on pg_file_settings FROM PUBLIC;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_show_all_file_settings() FROM PUBLIC;
|
|
|
|
|
2006-09-16 22:14:34 +02:00
|
|
|
CREATE VIEW pg_timezone_abbrevs AS
|
|
|
|
SELECT * FROM pg_timezone_abbrevs();
|
|
|
|
|
|
|
|
CREATE VIEW pg_timezone_names AS
|
|
|
|
SELECT * FROM pg_timezone_names();
|
2006-07-25 05:51:23 +02:00
|
|
|
|
2016-02-17 18:12:06 +01:00
|
|
|
CREATE VIEW pg_config AS
|
|
|
|
SELECT * FROM pg_config();
|
|
|
|
|
|
|
|
REVOKE ALL on pg_config FROM PUBLIC;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_config() FROM PUBLIC;
|
|
|
|
|
2005-06-18 00:32:51 +02:00
|
|
|
-- Statistics views
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_all_tables AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
pg_stat_get_numscans(C.oid) AS seq_scan,
|
|
|
|
pg_stat_get_tuples_returned(C.oid) AS seq_tup_read,
|
|
|
|
sum(pg_stat_get_numscans(I.indexrelid))::bigint AS idx_scan,
|
2005-10-06 04:29:23 +02:00
|
|
|
sum(pg_stat_get_tuples_fetched(I.indexrelid))::bigint +
|
2010-11-23 21:27:50 +01:00
|
|
|
pg_stat_get_tuples_fetched(C.oid) AS idx_tup_fetch,
|
|
|
|
pg_stat_get_tuples_inserted(C.oid) AS n_tup_ins,
|
|
|
|
pg_stat_get_tuples_updated(C.oid) AS n_tup_upd,
|
2006-11-24 22:18:42 +01:00
|
|
|
pg_stat_get_tuples_deleted(C.oid) AS n_tup_del,
|
2007-09-20 19:56:33 +02:00
|
|
|
pg_stat_get_tuples_hot_updated(C.oid) AS n_tup_hot_upd,
|
2010-11-23 21:27:50 +01:00
|
|
|
pg_stat_get_live_tuples(C.oid) AS n_live_tup,
|
2007-01-02 21:59:32 +01:00
|
|
|
pg_stat_get_dead_tuples(C.oid) AS n_dead_tup,
|
2013-07-05 15:02:09 +02:00
|
|
|
pg_stat_get_mod_since_analyze(C.oid) AS n_mod_since_analyze,
|
2006-11-24 22:18:42 +01:00
|
|
|
pg_stat_get_last_vacuum_time(C.oid) as last_vacuum,
|
|
|
|
pg_stat_get_last_autovacuum_time(C.oid) as last_autovacuum,
|
|
|
|
pg_stat_get_last_analyze_time(C.oid) as last_analyze,
|
2010-08-21 12:59:17 +02:00
|
|
|
pg_stat_get_last_autoanalyze_time(C.oid) as last_autoanalyze,
|
|
|
|
pg_stat_get_vacuum_count(C.oid) AS vacuum_count,
|
|
|
|
pg_stat_get_autovacuum_count(C.oid) AS autovacuum_count,
|
|
|
|
pg_stat_get_analyze_count(C.oid) AS analyze_count,
|
|
|
|
pg_stat_get_autoanalyze_count(C.oid) AS autoanalyze_count
|
2010-11-23 21:27:50 +01:00
|
|
|
FROM pg_class C LEFT JOIN
|
|
|
|
pg_index I ON C.oid = I.indrelid
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 't', 'm')
|
2003-11-13 23:13:39 +01:00
|
|
|
GROUP BY C.oid, N.nspname, C.relname;
|
|
|
|
|
2010-08-08 18:27:06 +02:00
|
|
|
CREATE VIEW pg_stat_xact_all_tables AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
pg_stat_get_xact_numscans(C.oid) AS seq_scan,
|
|
|
|
pg_stat_get_xact_tuples_returned(C.oid) AS seq_tup_read,
|
|
|
|
sum(pg_stat_get_xact_numscans(I.indexrelid))::bigint AS idx_scan,
|
|
|
|
sum(pg_stat_get_xact_tuples_fetched(I.indexrelid))::bigint +
|
|
|
|
pg_stat_get_xact_tuples_fetched(C.oid) AS idx_tup_fetch,
|
|
|
|
pg_stat_get_xact_tuples_inserted(C.oid) AS n_tup_ins,
|
|
|
|
pg_stat_get_xact_tuples_updated(C.oid) AS n_tup_upd,
|
|
|
|
pg_stat_get_xact_tuples_deleted(C.oid) AS n_tup_del,
|
|
|
|
pg_stat_get_xact_tuples_hot_updated(C.oid) AS n_tup_hot_upd
|
|
|
|
FROM pg_class C LEFT JOIN
|
|
|
|
pg_index I ON C.oid = I.indrelid
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 't', 'm')
|
2010-08-08 18:27:06 +02:00
|
|
|
GROUP BY C.oid, N.nspname, C.relname;
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_sys_tables AS
|
|
|
|
SELECT * FROM pg_stat_all_tables
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-08-08 18:27:06 +02:00
|
|
|
CREATE VIEW pg_stat_xact_sys_tables AS
|
|
|
|
SELECT * FROM pg_stat_xact_all_tables
|
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_user_tables AS
|
|
|
|
SELECT * FROM pg_stat_all_tables
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-08-08 18:27:06 +02:00
|
|
|
CREATE VIEW pg_stat_xact_user_tables AS
|
|
|
|
SELECT * FROM pg_stat_xact_all_tables
|
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_all_tables AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
pg_stat_get_blocks_fetched(C.oid) -
|
|
|
|
pg_stat_get_blocks_hit(C.oid) AS heap_blks_read,
|
|
|
|
pg_stat_get_blocks_hit(C.oid) AS heap_blks_hit,
|
|
|
|
sum(pg_stat_get_blocks_fetched(I.indexrelid) -
|
|
|
|
pg_stat_get_blocks_hit(I.indexrelid))::bigint AS idx_blks_read,
|
|
|
|
sum(pg_stat_get_blocks_hit(I.indexrelid))::bigint AS idx_blks_hit,
|
|
|
|
pg_stat_get_blocks_fetched(T.oid) -
|
|
|
|
pg_stat_get_blocks_hit(T.oid) AS toast_blks_read,
|
|
|
|
pg_stat_get_blocks_hit(T.oid) AS toast_blks_hit,
|
2013-07-03 20:24:09 +02:00
|
|
|
sum(pg_stat_get_blocks_fetched(X.indexrelid) -
|
|
|
|
pg_stat_get_blocks_hit(X.indexrelid))::bigint AS tidx_blks_read,
|
|
|
|
sum(pg_stat_get_blocks_hit(X.indexrelid))::bigint AS tidx_blks_hit
|
2010-11-23 21:27:50 +01:00
|
|
|
FROM pg_class C LEFT JOIN
|
|
|
|
pg_index I ON C.oid = I.indrelid LEFT JOIN
|
|
|
|
pg_class T ON C.reltoastrelid = T.oid LEFT JOIN
|
2013-07-03 20:24:09 +02:00
|
|
|
pg_index X ON T.oid = X.indrelid
|
2010-11-23 21:27:50 +01:00
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 't', 'm')
|
2013-07-03 20:24:09 +02:00
|
|
|
GROUP BY C.oid, N.nspname, C.relname, T.oid, X.indrelid;
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_sys_tables AS
|
|
|
|
SELECT * FROM pg_statio_all_tables
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_user_tables AS
|
|
|
|
SELECT * FROM pg_statio_all_tables
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_all_indexes AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
I.oid AS indexrelid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
I.relname AS indexrelname,
|
|
|
|
pg_stat_get_numscans(I.oid) AS idx_scan,
|
|
|
|
pg_stat_get_tuples_returned(I.oid) AS idx_tup_read,
|
|
|
|
pg_stat_get_tuples_fetched(I.oid) AS idx_tup_fetch
|
|
|
|
FROM pg_class C JOIN
|
|
|
|
pg_index X ON C.oid = X.indrelid JOIN
|
|
|
|
pg_class I ON I.oid = X.indexrelid
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 't', 'm');
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_sys_indexes AS
|
|
|
|
SELECT * FROM pg_stat_all_indexes
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_user_indexes AS
|
|
|
|
SELECT * FROM pg_stat_all_indexes
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_all_indexes AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
I.oid AS indexrelid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
I.relname AS indexrelname,
|
|
|
|
pg_stat_get_blocks_fetched(I.oid) -
|
|
|
|
pg_stat_get_blocks_hit(I.oid) AS idx_blks_read,
|
|
|
|
pg_stat_get_blocks_hit(I.oid) AS idx_blks_hit
|
|
|
|
FROM pg_class C JOIN
|
|
|
|
pg_index X ON C.oid = X.indrelid JOIN
|
|
|
|
pg_class I ON I.oid = X.indexrelid
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2013-03-04 01:23:31 +01:00
|
|
|
WHERE C.relkind IN ('r', 't', 'm');
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_sys_indexes AS
|
|
|
|
SELECT * FROM pg_statio_all_indexes
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_user_indexes AS
|
|
|
|
SELECT * FROM pg_statio_all_indexes
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_all_sequences AS
|
|
|
|
SELECT
|
|
|
|
C.oid AS relid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
C.relname AS relname,
|
|
|
|
pg_stat_get_blocks_fetched(C.oid) -
|
|
|
|
pg_stat_get_blocks_hit(C.oid) AS blks_read,
|
|
|
|
pg_stat_get_blocks_hit(C.oid) AS blks_hit
|
|
|
|
FROM pg_class C
|
|
|
|
LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace)
|
2003-11-13 23:13:39 +01:00
|
|
|
WHERE C.relkind = 'S';
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_sys_sequences AS
|
|
|
|
SELECT * FROM pg_statio_all_sequences
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname IN ('pg_catalog', 'information_schema') OR
|
|
|
|
schemaname ~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_statio_user_sequences AS
|
|
|
|
SELECT * FROM pg_statio_all_sequences
|
2007-07-26 00:16:18 +02:00
|
|
|
WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND
|
|
|
|
schemaname !~ '^pg_toast';
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_activity AS
|
|
|
|
SELECT
|
2008-05-07 16:41:56 +02:00
|
|
|
S.datid AS datid,
|
|
|
|
D.datname AS datname,
|
2012-01-19 14:19:20 +01:00
|
|
|
S.pid,
|
2008-05-07 16:41:56 +02:00
|
|
|
S.usesysid,
|
|
|
|
U.rolname AS usename,
|
2009-11-29 19:14:32 +01:00
|
|
|
S.application_name,
|
2010-04-26 16:22:37 +02:00
|
|
|
S.client_addr,
|
2011-02-17 22:03:28 +01:00
|
|
|
S.client_hostname,
|
2010-04-26 16:22:37 +02:00
|
|
|
S.client_port,
|
|
|
|
S.backend_start,
|
2008-05-07 16:41:56 +02:00
|
|
|
S.xact_start,
|
|
|
|
S.query_start,
|
2012-01-19 14:19:20 +01:00
|
|
|
S.state_change,
|
2016-03-10 18:44:09 +01:00
|
|
|
S.wait_event_type,
|
|
|
|
S.wait_event,
|
2012-01-19 14:19:20 +01:00
|
|
|
S.state,
|
2014-02-25 18:34:04 +01:00
|
|
|
S.backend_xid,
|
|
|
|
s.backend_xmin,
|
2012-01-19 14:19:20 +01:00
|
|
|
S.query
|
2008-05-08 10:58:59 +02:00
|
|
|
FROM pg_database D, pg_stat_get_activity(NULL) AS S, pg_authid U
|
2010-11-23 21:27:50 +01:00
|
|
|
WHERE S.datid = D.oid AND
|
2008-05-07 16:41:56 +02:00
|
|
|
S.usesysid = U.oid;
|
2003-11-13 23:13:39 +01:00
|
|
|
|
2011-01-07 12:35:38 +01:00
|
|
|
CREATE VIEW pg_stat_replication AS
|
|
|
|
SELECT
|
2012-01-19 14:19:20 +01:00
|
|
|
S.pid,
|
2011-01-07 12:35:38 +01:00
|
|
|
S.usesysid,
|
|
|
|
U.rolname AS usename,
|
|
|
|
S.application_name,
|
|
|
|
S.client_addr,
|
2011-02-17 22:03:28 +01:00
|
|
|
S.client_hostname,
|
2011-01-07 12:35:38 +01:00
|
|
|
S.client_port,
|
|
|
|
S.backend_start,
|
2014-02-25 18:34:04 +01:00
|
|
|
S.backend_xmin,
|
2011-01-11 21:25:28 +01:00
|
|
|
W.state,
|
2011-02-10 20:00:29 +01:00
|
|
|
W.sent_location,
|
|
|
|
W.write_location,
|
|
|
|
W.flush_location,
|
2011-03-06 23:49:16 +01:00
|
|
|
W.replay_location,
|
|
|
|
W.sync_priority,
|
|
|
|
W.sync_state
|
2011-01-07 12:35:38 +01:00
|
|
|
FROM pg_stat_get_activity(NULL) AS S, pg_authid U,
|
|
|
|
pg_stat_get_wal_senders() AS W
|
|
|
|
WHERE S.usesysid = U.oid AND
|
2012-01-19 14:19:20 +01:00
|
|
|
S.pid = W.pid;
|
2011-01-07 12:35:38 +01:00
|
|
|
|
2016-01-07 20:21:19 +01:00
|
|
|
CREATE VIEW pg_stat_wal_receiver AS
|
|
|
|
SELECT
|
|
|
|
s.pid,
|
|
|
|
s.status,
|
|
|
|
s.receive_start_lsn,
|
|
|
|
s.receive_start_tli,
|
|
|
|
s.received_lsn,
|
|
|
|
s.received_tli,
|
|
|
|
s.last_msg_send_time,
|
|
|
|
s.last_msg_receipt_time,
|
|
|
|
s.latest_end_lsn,
|
|
|
|
s.latest_end_time,
|
|
|
|
s.slot_name
|
|
|
|
FROM pg_stat_get_wal_receiver() s
|
|
|
|
WHERE s.pid IS NOT NULL;
|
|
|
|
|
2015-04-12 19:07:46 +02:00
|
|
|
CREATE VIEW pg_stat_ssl AS
|
|
|
|
SELECT
|
|
|
|
S.pid,
|
|
|
|
S.ssl,
|
|
|
|
S.sslversion AS version,
|
|
|
|
S.sslcipher AS cipher,
|
|
|
|
S.sslbits AS bits,
|
|
|
|
S.sslcompression AS compression,
|
|
|
|
S.sslclientdn AS clientdn
|
|
|
|
FROM pg_stat_get_activity(NULL) AS S;
|
|
|
|
|
2014-02-01 04:45:17 +01:00
|
|
|
CREATE VIEW pg_replication_slots AS
|
|
|
|
SELECT
|
|
|
|
L.slot_name,
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
L.plugin,
|
2014-02-01 04:45:17 +01:00
|
|
|
L.slot_type,
|
|
|
|
L.datoid,
|
|
|
|
D.datname AS database,
|
|
|
|
L.active,
|
2015-04-22 09:42:36 +02:00
|
|
|
L.active_pid,
|
2014-02-01 04:45:17 +01:00
|
|
|
L.xmin,
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
L.catalog_xmin,
|
2015-08-10 13:28:18 +02:00
|
|
|
L.restart_lsn,
|
|
|
|
L.confirmed_flush_lsn
|
2014-02-01 04:45:17 +01:00
|
|
|
FROM pg_get_replication_slots() AS L
|
|
|
|
LEFT JOIN pg_database D ON (L.datoid = D.oid);
|
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_database AS
|
|
|
|
SELECT
|
|
|
|
D.oid AS datid,
|
|
|
|
D.datname AS datname,
|
|
|
|
pg_stat_get_db_numbackends(D.oid) AS numbackends,
|
|
|
|
pg_stat_get_db_xact_commit(D.oid) AS xact_commit,
|
|
|
|
pg_stat_get_db_xact_rollback(D.oid) AS xact_rollback,
|
|
|
|
pg_stat_get_db_blocks_fetched(D.oid) -
|
|
|
|
pg_stat_get_db_blocks_hit(D.oid) AS blks_read,
|
2007-03-16 18:57:36 +01:00
|
|
|
pg_stat_get_db_blocks_hit(D.oid) AS blks_hit,
|
|
|
|
pg_stat_get_db_tuples_returned(D.oid) AS tup_returned,
|
|
|
|
pg_stat_get_db_tuples_fetched(D.oid) AS tup_fetched,
|
|
|
|
pg_stat_get_db_tuples_inserted(D.oid) AS tup_inserted,
|
|
|
|
pg_stat_get_db_tuples_updated(D.oid) AS tup_updated,
|
2011-01-03 12:46:03 +01:00
|
|
|
pg_stat_get_db_tuples_deleted(D.oid) AS tup_deleted,
|
2011-02-10 15:09:35 +01:00
|
|
|
pg_stat_get_db_conflict_all(D.oid) AS conflicts,
|
2012-01-26 14:41:19 +01:00
|
|
|
pg_stat_get_db_temp_files(D.oid) AS temp_files,
|
|
|
|
pg_stat_get_db_temp_bytes(D.oid) AS temp_bytes,
|
2012-01-26 15:58:19 +01:00
|
|
|
pg_stat_get_db_deadlocks(D.oid) AS deadlocks,
|
2012-04-30 20:02:47 +02:00
|
|
|
pg_stat_get_db_blk_read_time(D.oid) AS blk_read_time,
|
|
|
|
pg_stat_get_db_blk_write_time(D.oid) AS blk_write_time,
|
2011-02-10 15:09:35 +01:00
|
|
|
pg_stat_get_db_stat_reset_time(D.oid) AS stats_reset
|
2011-01-03 12:46:03 +01:00
|
|
|
FROM pg_database D;
|
|
|
|
|
|
|
|
CREATE VIEW pg_stat_database_conflicts AS
|
|
|
|
SELECT
|
|
|
|
D.oid AS datid,
|
|
|
|
D.datname AS datname,
|
|
|
|
pg_stat_get_db_conflict_tablespace(D.oid) AS confl_tablespace,
|
|
|
|
pg_stat_get_db_conflict_lock(D.oid) AS confl_lock,
|
|
|
|
pg_stat_get_db_conflict_snapshot(D.oid) AS confl_snapshot,
|
|
|
|
pg_stat_get_db_conflict_bufferpin(D.oid) AS confl_bufferpin,
|
|
|
|
pg_stat_get_db_conflict_startup_deadlock(D.oid) AS confl_deadlock
|
2003-11-13 23:13:39 +01:00
|
|
|
FROM pg_database D;
|
2007-03-30 20:34:56 +02:00
|
|
|
|
2010-11-23 21:27:50 +01:00
|
|
|
CREATE VIEW pg_stat_user_functions AS
|
2008-05-15 02:17:41 +02:00
|
|
|
SELECT
|
2010-11-23 21:27:50 +01:00
|
|
|
P.oid AS funcid,
|
2008-05-15 02:17:41 +02:00
|
|
|
N.nspname AS schemaname,
|
|
|
|
P.proname AS funcname,
|
|
|
|
pg_stat_get_function_calls(P.oid) AS calls,
|
2012-04-30 20:02:47 +02:00
|
|
|
pg_stat_get_function_total_time(P.oid) AS total_time,
|
|
|
|
pg_stat_get_function_self_time(P.oid) AS self_time
|
2008-05-15 02:17:41 +02:00
|
|
|
FROM pg_proc P LEFT JOIN pg_namespace N ON (N.oid = P.pronamespace)
|
2010-11-23 21:27:50 +01:00
|
|
|
WHERE P.prolang != 12 -- fast check to eliminate built-in functions
|
2008-05-15 02:17:41 +02:00
|
|
|
AND pg_stat_get_function_calls(P.oid) IS NOT NULL;
|
|
|
|
|
2010-08-08 18:27:06 +02:00
|
|
|
CREATE VIEW pg_stat_xact_user_functions AS
|
|
|
|
SELECT
|
|
|
|
P.oid AS funcid,
|
|
|
|
N.nspname AS schemaname,
|
|
|
|
P.proname AS funcname,
|
|
|
|
pg_stat_get_xact_function_calls(P.oid) AS calls,
|
2012-04-30 20:02:47 +02:00
|
|
|
pg_stat_get_xact_function_total_time(P.oid) AS total_time,
|
|
|
|
pg_stat_get_xact_function_self_time(P.oid) AS self_time
|
2010-08-08 18:27:06 +02:00
|
|
|
FROM pg_proc P LEFT JOIN pg_namespace N ON (N.oid = P.pronamespace)
|
|
|
|
WHERE P.prolang != 12 -- fast check to eliminate built-in functions
|
|
|
|
AND pg_stat_get_xact_function_calls(P.oid) IS NOT NULL;
|
|
|
|
|
2014-01-28 18:58:22 +01:00
|
|
|
CREATE VIEW pg_stat_archiver AS
|
|
|
|
SELECT
|
|
|
|
s.archived_count,
|
|
|
|
s.last_archived_wal,
|
|
|
|
s.last_archived_time,
|
|
|
|
s.failed_count,
|
|
|
|
s.last_failed_wal,
|
|
|
|
s.last_failed_time,
|
|
|
|
s.stats_reset
|
|
|
|
FROM pg_stat_get_archiver() s;
|
|
|
|
|
2007-03-30 20:34:56 +02:00
|
|
|
CREATE VIEW pg_stat_bgwriter AS
|
2007-06-28 02:02:40 +02:00
|
|
|
SELECT
|
|
|
|
pg_stat_get_bgwriter_timed_checkpoints() AS checkpoints_timed,
|
|
|
|
pg_stat_get_bgwriter_requested_checkpoints() AS checkpoints_req,
|
2012-04-05 20:03:21 +02:00
|
|
|
pg_stat_get_checkpoint_write_time() AS checkpoint_write_time,
|
2012-04-06 03:36:42 +02:00
|
|
|
pg_stat_get_checkpoint_sync_time() AS checkpoint_sync_time,
|
2007-06-28 02:02:40 +02:00
|
|
|
pg_stat_get_bgwriter_buf_written_checkpoints() AS buffers_checkpoint,
|
|
|
|
pg_stat_get_bgwriter_buf_written_clean() AS buffers_clean,
|
2007-09-25 22:03:38 +02:00
|
|
|
pg_stat_get_bgwriter_maxwritten_clean() AS maxwritten_clean,
|
|
|
|
pg_stat_get_buf_written_backend() AS buffers_backend,
|
2010-11-15 18:42:59 +01:00
|
|
|
pg_stat_get_buf_fsync_backend() AS buffers_backend_fsync,
|
2011-02-10 15:09:35 +01:00
|
|
|
pg_stat_get_buf_alloc() AS buffers_alloc,
|
|
|
|
pg_stat_get_bgwriter_stat_reset_time() AS stats_reset;
|
2007-08-21 03:11:32 +02:00
|
|
|
|
2016-03-15 18:31:18 +01:00
|
|
|
CREATE VIEW pg_stat_progress_vacuum AS
|
|
|
|
SELECT
|
|
|
|
S.pid AS pid, S.datid AS datid, D.datname AS datname,
|
|
|
|
S.relid AS relid,
|
|
|
|
CASE S.param1 WHEN 0 THEN 'initializing'
|
|
|
|
WHEN 1 THEN 'scanning heap'
|
|
|
|
WHEN 2 THEN 'vacuuming indexes'
|
|
|
|
WHEN 3 THEN 'vacuuming heap'
|
|
|
|
WHEN 4 THEN 'cleaning up indexes'
|
|
|
|
WHEN 5 THEN 'truncating heap'
|
|
|
|
WHEN 6 THEN 'performing final cleanup'
|
|
|
|
END AS phase,
|
|
|
|
S.param2 AS heap_blks_total, S.param3 AS heap_blks_scanned,
|
|
|
|
S.param4 AS heap_blks_vacuumed, S.param5 AS index_vacuum_count,
|
|
|
|
S.param6 AS max_dead_tuples, S.param7 AS num_dead_tuples
|
|
|
|
FROM pg_stat_get_progress_info('VACUUM') AS S
|
|
|
|
JOIN pg_database D ON S.datid = D.oid;
|
|
|
|
|
2008-12-19 17:25:19 +01:00
|
|
|
CREATE VIEW pg_user_mappings AS
|
|
|
|
SELECT
|
|
|
|
U.oid AS umid,
|
|
|
|
S.oid AS srvid,
|
|
|
|
S.srvname AS srvname,
|
|
|
|
U.umuser AS umuser,
|
|
|
|
CASE WHEN U.umuser = 0 THEN
|
|
|
|
'public'
|
|
|
|
ELSE
|
|
|
|
A.rolname
|
|
|
|
END AS usename,
|
|
|
|
CASE WHEN pg_has_role(S.srvowner, 'USAGE') OR has_server_privilege(S.oid, 'USAGE') THEN
|
|
|
|
U.umoptions
|
|
|
|
ELSE
|
|
|
|
NULL
|
|
|
|
END AS umoptions
|
|
|
|
FROM pg_user_mapping U
|
|
|
|
LEFT JOIN pg_authid A ON (A.oid = U.umuser) JOIN
|
|
|
|
pg_foreign_server S ON (U.umserver = S.oid);
|
|
|
|
|
|
|
|
REVOKE ALL on pg_user_mapping FROM public;
|
|
|
|
|
Introduce replication progress tracking infrastructure.
When implementing a replication solution ontop of logical decoding, two
related problems exist:
* How to safely keep track of replication progress
* How to change replication behavior, based on the origin of a row;
e.g. to avoid loops in bi-directional replication setups
The solution to these problems, as implemented here, consist out of
three parts:
1) 'replication origins', which identify nodes in a replication setup.
2) 'replication progress tracking', which remembers, for each
replication origin, how far replay has progressed in a efficient and
crash safe manner.
3) The ability to filter out changes performed on the behest of a
replication origin during logical decoding; this allows complex
replication topologies. E.g. by filtering all replayed changes out.
Most of this could also be implemented in "userspace", e.g. by inserting
additional rows contain origin information, but that ends up being much
less efficient and more complicated. We don't want to require various
replication solutions to reimplement logic for this independently. The
infrastructure is intended to be generic enough to be reusable.
This infrastructure also replaces the 'nodeid' infrastructure of commit
timestamps. It is intended to provide all the former capabilities,
except that there's only 2^16 different origins; but now they integrate
with logical decoding. Additionally more functionality is accessible via
SQL. Since the commit timestamp infrastructure has also been introduced
in 9.5 (commit 73c986add) changing the API is not a problem.
For now the number of origins for which the replication progress can be
tracked simultaneously is determined by the max_replication_slots
GUC. That GUC is not a perfect match to configure this, but there
doesn't seem to be sufficient reason to introduce a separate new one.
Bumps both catversion and wal page magic.
Author: Andres Freund, with contributions from Petr Jelinek and Craig Ringer
Reviewed-By: Heikki Linnakangas, Petr Jelinek, Robert Haas, Steve Singer
Discussion: 20150216002155.GI15326@awork2.anarazel.de,
20140923182422.GA15776@alap3.anarazel.de,
20131114172632.GE7522@alap2.anarazel.de
2015-04-29 19:30:53 +02:00
|
|
|
|
|
|
|
CREATE VIEW pg_replication_origin_status AS
|
|
|
|
SELECT *
|
|
|
|
FROM pg_show_replication_origin_status();
|
|
|
|
|
|
|
|
REVOKE ALL ON pg_replication_origin_status FROM public;
|
|
|
|
|
2009-04-07 02:31:26 +02:00
|
|
|
--
|
|
|
|
-- We have a few function definitions in here, too.
|
|
|
|
-- At some point there might be enough to justify breaking them out into
|
|
|
|
-- a separate "system_functions.sql" file.
|
|
|
|
--
|
|
|
|
|
2007-10-22 22:13:37 +02:00
|
|
|
-- Tsearch debug function. Defined here because it'd be pretty unwieldy
|
2007-08-21 03:11:32 +02:00
|
|
|
-- to put it into pg_proc.h
|
|
|
|
|
2007-10-22 22:13:37 +02:00
|
|
|
CREATE FUNCTION ts_debug(IN config regconfig, IN document text,
|
|
|
|
OUT alias text,
|
|
|
|
OUT description text,
|
|
|
|
OUT token text,
|
|
|
|
OUT dictionaries regdictionary[],
|
|
|
|
OUT dictionary regdictionary,
|
|
|
|
OUT lexemes text[])
|
|
|
|
RETURNS SETOF record AS
|
2007-08-21 03:11:32 +02:00
|
|
|
$$
|
2010-11-23 21:27:50 +01:00
|
|
|
SELECT
|
2007-10-22 22:13:37 +02:00
|
|
|
tt.alias AS alias,
|
|
|
|
tt.description AS description,
|
|
|
|
parse.token AS token,
|
2007-08-21 03:11:32 +02:00
|
|
|
ARRAY ( SELECT m.mapdict::pg_catalog.regdictionary
|
|
|
|
FROM pg_catalog.pg_ts_config_map AS m
|
|
|
|
WHERE m.mapcfg = $1 AND m.maptokentype = parse.tokid
|
2007-08-25 19:47:44 +02:00
|
|
|
ORDER BY m.mapseqno )
|
2007-10-22 22:13:37 +02:00
|
|
|
AS dictionaries,
|
|
|
|
( SELECT mapdict::pg_catalog.regdictionary
|
|
|
|
FROM pg_catalog.pg_ts_config_map AS m
|
|
|
|
WHERE m.mapcfg = $1 AND m.maptokentype = parse.tokid
|
|
|
|
ORDER BY pg_catalog.ts_lexize(mapdict, parse.token) IS NULL, m.mapseqno
|
|
|
|
LIMIT 1
|
|
|
|
) AS dictionary,
|
|
|
|
( SELECT pg_catalog.ts_lexize(mapdict, parse.token)
|
|
|
|
FROM pg_catalog.pg_ts_config_map AS m
|
|
|
|
WHERE m.mapcfg = $1 AND m.maptokentype = parse.tokid
|
|
|
|
ORDER BY pg_catalog.ts_lexize(mapdict, parse.token) IS NULL, m.mapseqno
|
|
|
|
LIMIT 1
|
|
|
|
) AS lexemes
|
2007-08-21 03:11:32 +02:00
|
|
|
FROM pg_catalog.ts_parse(
|
2010-11-23 21:27:50 +01:00
|
|
|
(SELECT cfgparser FROM pg_catalog.pg_ts_config WHERE oid = $1 ), $2
|
2007-08-25 19:47:44 +02:00
|
|
|
) AS parse,
|
|
|
|
pg_catalog.ts_token_type(
|
|
|
|
(SELECT cfgparser FROM pg_catalog.pg_ts_config WHERE oid = $1 )
|
|
|
|
) AS tt
|
|
|
|
WHERE tt.tokid = parse.tokid
|
2007-08-21 03:11:32 +02:00
|
|
|
$$
|
2016-05-03 20:36:38 +02:00
|
|
|
LANGUAGE SQL STRICT STABLE PARALLEL SAFE;
|
2007-08-21 03:11:32 +02:00
|
|
|
|
2007-08-25 19:47:44 +02:00
|
|
|
COMMENT ON FUNCTION ts_debug(regconfig,text) IS
|
|
|
|
'debug function for text search configuration';
|
2007-08-21 03:11:32 +02:00
|
|
|
|
2007-10-22 22:13:37 +02:00
|
|
|
CREATE FUNCTION ts_debug(IN document text,
|
|
|
|
OUT alias text,
|
|
|
|
OUT description text,
|
|
|
|
OUT token text,
|
|
|
|
OUT dictionaries regdictionary[],
|
|
|
|
OUT dictionary regdictionary,
|
|
|
|
OUT lexemes text[])
|
|
|
|
RETURNS SETOF record AS
|
2007-08-21 03:11:32 +02:00
|
|
|
$$
|
2007-08-25 19:47:44 +02:00
|
|
|
SELECT * FROM pg_catalog.ts_debug( pg_catalog.get_current_ts_config(), $1);
|
2007-08-21 03:11:32 +02:00
|
|
|
$$
|
2016-05-03 20:36:38 +02:00
|
|
|
LANGUAGE SQL STRICT STABLE PARALLEL SAFE;
|
2007-08-21 03:11:32 +02:00
|
|
|
|
2007-08-25 19:47:44 +02:00
|
|
|
COMMENT ON FUNCTION ts_debug(text) IS
|
|
|
|
'debug function for current text search configuration';
|
2009-04-07 02:31:26 +02:00
|
|
|
|
|
|
|
--
|
|
|
|
-- Redeclare built-in functions that need default values attached to their
|
|
|
|
-- arguments. It's impractical to set those up directly in pg_proc.h because
|
|
|
|
-- of the complexity and platform-dependency of the expression tree
|
|
|
|
-- representation. (Note that internal functions still have to have entries
|
|
|
|
-- in pg_proc.h; we are merely causing their proargnames and proargdefaults
|
|
|
|
-- to get filled in.)
|
|
|
|
--
|
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION
|
2016-04-05 20:03:49 +02:00
|
|
|
pg_start_backup(label text, fast boolean DEFAULT false, exclusive boolean DEFAULT true)
|
2016-05-02 16:42:34 +02:00
|
|
|
RETURNS pg_lsn STRICT VOLATILE LANGUAGE internal AS 'pg_start_backup'
|
|
|
|
PARALLEL RESTRICTED;
|
2013-03-29 19:12:13 +01:00
|
|
|
|
2014-06-29 19:50:58 +02:00
|
|
|
-- legacy definition for compatibility with 9.3
|
2013-05-31 03:05:07 +02:00
|
|
|
CREATE OR REPLACE FUNCTION
|
2013-03-29 19:12:13 +01:00
|
|
|
json_populate_record(base anyelement, from_json json, use_json_as_text boolean DEFAULT false)
|
2016-05-03 20:36:38 +02:00
|
|
|
RETURNS anyelement LANGUAGE internal STABLE AS 'json_populate_record' PARALLEL SAFE;
|
2013-03-29 19:12:13 +01:00
|
|
|
|
2014-06-29 19:50:58 +02:00
|
|
|
-- legacy definition for compatibility with 9.3
|
2013-05-31 03:05:07 +02:00
|
|
|
CREATE OR REPLACE FUNCTION
|
2013-03-29 19:12:13 +01:00
|
|
|
json_populate_recordset(base anyelement, from_json json, use_json_as_text boolean DEFAULT false)
|
2016-05-03 20:36:38 +02:00
|
|
|
RETURNS SETOF anyelement LANGUAGE internal STABLE ROWS 100 AS 'json_populate_recordset' PARALLEL SAFE;
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION pg_logical_slot_get_changes(
|
2014-06-05 16:29:20 +02:00
|
|
|
IN slot_name name, IN upto_lsn pg_lsn, IN upto_nchanges int, VARIADIC options text[] DEFAULT '{}',
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
OUT location pg_lsn, OUT xid xid, OUT data text)
|
|
|
|
RETURNS SETOF RECORD
|
|
|
|
LANGUAGE INTERNAL
|
|
|
|
VOLATILE ROWS 1000 COST 1000
|
|
|
|
AS 'pg_logical_slot_get_changes';
|
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION pg_logical_slot_peek_changes(
|
2014-06-05 16:29:20 +02:00
|
|
|
IN slot_name name, IN upto_lsn pg_lsn, IN upto_nchanges int, VARIADIC options text[] DEFAULT '{}',
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
OUT location pg_lsn, OUT xid xid, OUT data text)
|
|
|
|
RETURNS SETOF RECORD
|
|
|
|
LANGUAGE INTERNAL
|
|
|
|
VOLATILE ROWS 1000 COST 1000
|
|
|
|
AS 'pg_logical_slot_peek_changes';
|
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION pg_logical_slot_get_binary_changes(
|
2014-06-05 16:29:20 +02:00
|
|
|
IN slot_name name, IN upto_lsn pg_lsn, IN upto_nchanges int, VARIADIC options text[] DEFAULT '{}',
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
OUT location pg_lsn, OUT xid xid, OUT data bytea)
|
|
|
|
RETURNS SETOF RECORD
|
|
|
|
LANGUAGE INTERNAL
|
|
|
|
VOLATILE ROWS 1000 COST 1000
|
|
|
|
AS 'pg_logical_slot_get_binary_changes';
|
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION pg_logical_slot_peek_binary_changes(
|
2014-06-05 16:29:20 +02:00
|
|
|
IN slot_name name, IN upto_lsn pg_lsn, IN upto_nchanges int, VARIADIC options text[] DEFAULT '{}',
|
Introduce logical decoding.
This feature, building on previous commits, allows the write-ahead log
stream to be decoded into a series of logical changes; that is,
inserts, updates, and deletes and the transactions which contain them.
It is capable of handling decoding even across changes to the schema
of the effected tables. The output format is controlled by a
so-called "output plugin"; an example is included. To make use of
this in a real replication system, the output plugin will need to be
modified to produce output in the format appropriate to that system,
and to perform filtering.
Currently, information can be extracted from the logical decoding
system only via SQL; future commits will add the ability to stream
changes via walsender.
Andres Freund, with review and other contributions from many other
people, including Álvaro Herrera, Abhijit Menon-Sen, Peter Gheogegan,
Kevin Grittner, Robert Haas, Heikki Linnakangas, Fujii Masao, Abhijit
Menon-Sen, Michael Paquier, Simon Riggs, Craig Ringer, and Steve
Singer.
2014-03-03 22:32:18 +01:00
|
|
|
OUT location pg_lsn, OUT xid xid, OUT data bytea)
|
|
|
|
RETURNS SETOF RECORD
|
|
|
|
LANGUAGE INTERNAL
|
|
|
|
VOLATILE ROWS 1000 COST 1000
|
|
|
|
AS 'pg_logical_slot_peek_binary_changes';
|
2014-03-04 19:09:43 +01:00
|
|
|
|
2015-08-11 12:34:31 +02:00
|
|
|
CREATE OR REPLACE FUNCTION pg_create_physical_replication_slot(
|
|
|
|
IN slot_name name, IN immediately_reserve boolean DEFAULT false,
|
|
|
|
OUT slot_name name, OUT xlog_position pg_lsn)
|
|
|
|
RETURNS RECORD
|
|
|
|
LANGUAGE INTERNAL
|
Clean up some lack-of-STRICT issues in the core code, too.
A scan for missed proisstrict markings in the core code turned up
these functions:
brin_summarize_new_values
pg_stat_reset_single_table_counters
pg_stat_reset_single_function_counters
pg_create_logical_replication_slot
pg_create_physical_replication_slot
pg_drop_replication_slot
The first three of these take OID, so a null argument will normally look
like a zero to them, resulting in "ERROR: could not open relation with OID
0" for brin_summarize_new_values, and no action for the pg_stat_reset_XXX
functions. The other three will dump core on a null argument, though this
is mitigated by the fact that they won't do so until after checking that
the caller is superuser or has rolreplication privilege.
In addition, the pg_logical_slot_get/peek[_binary]_changes family was
intentionally marked nonstrict, but failed to make nullness checks on all
the arguments; so again a null-pointer-dereference crash is possible but
only for superusers and rolreplication users.
Add the missing ARGISNULL checks to the latter functions, and mark the
former functions as strict in pg_proc. Make that change in the back
branches too, even though we can't force initdb there, just so that
installations initdb'd in future won't have the issue. Since none of these
bugs rise to the level of security issues (and indeed the pg_stat_reset_XXX
functions hardly misbehave at all), it seems sufficient to do this.
In addition, fix some order-of-operations oddities in the slot_get_changes
family, mostly cosmetic, but not the part that moves the function's last
few operations into the PG_TRY block. As it stood, there was significant
risk for an error to exit without clearing historical information from
the system caches.
The slot_get_changes bugs go back to 9.4 where that code was introduced.
Back-patch appropriate subsets of the pg_proc changes into all active
branches, as well.
2016-01-09 22:58:32 +01:00
|
|
|
STRICT VOLATILE
|
2015-08-11 12:34:31 +02:00
|
|
|
AS 'pg_create_physical_replication_slot';
|
|
|
|
|
2014-03-04 19:09:43 +01:00
|
|
|
CREATE OR REPLACE FUNCTION
|
|
|
|
make_interval(years int4 DEFAULT 0, months int4 DEFAULT 0, weeks int4 DEFAULT 0,
|
|
|
|
days int4 DEFAULT 0, hours int4 DEFAULT 0, mins int4 DEFAULT 0,
|
|
|
|
secs double precision DEFAULT 0.0)
|
|
|
|
RETURNS interval
|
|
|
|
LANGUAGE INTERNAL
|
2016-05-03 20:36:38 +02:00
|
|
|
STRICT IMMUTABLE PARALLEL SAFE
|
2014-03-04 19:09:43 +01:00
|
|
|
AS 'make_interval';
|
2015-06-01 02:34:10 +02:00
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION
|
|
|
|
jsonb_set(jsonb_in jsonb, path text[] , replacement jsonb,
|
|
|
|
create_if_missing boolean DEFAULT true)
|
|
|
|
RETURNS jsonb
|
|
|
|
LANGUAGE INTERNAL
|
2016-05-03 20:36:38 +02:00
|
|
|
STRICT IMMUTABLE PARALLEL SAFE
|
2015-06-01 02:34:10 +02:00
|
|
|
AS 'jsonb_set';
|
2016-03-18 16:16:14 +01:00
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION
|
|
|
|
parse_ident(str text, strict boolean DEFAULT true)
|
|
|
|
RETURNS text[]
|
|
|
|
LANGUAGE INTERNAL
|
2016-05-03 20:36:38 +02:00
|
|
|
STRICT IMMUTABLE PARALLEL SAFE
|
2016-03-18 16:16:14 +01:00
|
|
|
AS 'parse_ident';
|
2016-04-06 18:20:17 +02:00
|
|
|
|
|
|
|
CREATE OR REPLACE FUNCTION
|
|
|
|
jsonb_insert(jsonb_in jsonb, path text[] , replacement jsonb,
|
|
|
|
insert_after boolean DEFAULT false)
|
|
|
|
RETURNS jsonb
|
|
|
|
LANGUAGE INTERNAL
|
2016-05-03 20:36:38 +02:00
|
|
|
STRICT IMMUTABLE PARALLEL SAFE
|
2016-04-06 18:20:17 +02:00
|
|
|
AS 'jsonb_insert';
|
2016-04-07 03:45:32 +02:00
|
|
|
|
|
|
|
-- The default permissions for functions mean that anyone can execute them.
|
|
|
|
-- A number of functions shouldn't be executable by just anyone, but rather
|
|
|
|
-- than use explicit 'superuser()' checks in those functions, we use the GRANT
|
|
|
|
-- system to REVOKE access to those functions at initdb time. Administrators
|
|
|
|
-- can later change who can access these functions, or leave them as only
|
|
|
|
-- available to superuser / cluster owner, if they choose.
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_start_backup(text, boolean, boolean) FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stop_backup() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stop_backup(boolean) FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_create_restore_point(text) FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_switch_xlog() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_xlog_replay_pause() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_xlog_replay_resume() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_rotate_logfile() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_reload_conf() FROM public;
|
|
|
|
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stat_reset() FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stat_reset_shared(text) FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stat_reset_single_table_counters(oid) FROM public;
|
|
|
|
REVOKE EXECUTE ON FUNCTION pg_stat_reset_single_function_counters(oid) FROM public;
|