From 7ed242b791cf293d03876d6eb42c5435f2020be7 Mon Sep 17 00:00:00 2001 From: Bharath Rupireddy Date: Fri, 22 Oct 2021 01:47:38 +0000 Subject: [PATCH v3] change privileges of pg_backend_memory_contexts and pg_shmem_allocations In a typical production environment, the user (not necessarily a superuser) wants to analyze the memory usage via pg_backend_memory_contexts view or pg_shmem_allocations view which are accessible to only superusers. This patch allows non-superusers with a predefined role pg_read_all_stats to access them. While on this, change the way the tests use pg_log_backend_memory_contexts() Usually for functions, we don't use "SELECT-FROM-<>", we just use "SELECT-<>". --- doc/src/sgml/catalogs.sgml | 6 ++-- src/backend/catalog/system_views.sql | 4 +++ src/test/regress/expected/misc_functions.out | 2 +- src/test/regress/expected/privileges.out | 32 ++++++++++++++++++++ src/test/regress/sql/misc_functions.sql | 2 +- src/test/regress/sql/privileges.sql | 27 +++++++++++++++++ 6 files changed, 69 insertions(+), 4 deletions(-) diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index fd6910ddbe..0022b29b1e 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -9850,7 +9850,8 @@ SCRAM-SHA-256$<iteration count>:&l By default, the pg_backend_memory_contexts view can be - read only by superusers. + read only by superusers or members of the pg_read_all_stats + role. @@ -12680,7 +12681,8 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx By default, the pg_shmem_allocations view can be - read only by superusers. + read only by superusers or members of the pg_read_all_stats + role. diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index 55f6e3711d..eb560955cd 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -621,13 +621,17 @@ CREATE VIEW pg_shmem_allocations AS SELECT * FROM pg_get_shmem_allocations(); REVOKE ALL ON pg_shmem_allocations FROM PUBLIC; +GRANT SELECT ON pg_shmem_allocations TO pg_read_all_stats; REVOKE EXECUTE ON FUNCTION pg_get_shmem_allocations() FROM PUBLIC; +GRANT EXECUTE ON FUNCTION pg_get_shmem_allocations() TO pg_read_all_stats; CREATE VIEW pg_backend_memory_contexts AS SELECT * FROM pg_get_backend_memory_contexts(); REVOKE ALL ON pg_backend_memory_contexts FROM PUBLIC; +GRANT SELECT ON pg_backend_memory_contexts TO pg_read_all_stats; REVOKE EXECUTE ON FUNCTION pg_get_backend_memory_contexts() FROM PUBLIC; +GRANT EXECUTE ON FUNCTION pg_get_backend_memory_contexts() TO pg_read_all_stats; -- Statistics views diff --git a/src/test/regress/expected/misc_functions.out b/src/test/regress/expected/misc_functions.out index e845042d38..d0d584abb4 100644 --- a/src/test/regress/expected/misc_functions.out +++ b/src/test/regress/expected/misc_functions.out @@ -140,7 +140,7 @@ HINT: No function matches the given name and argument types. You might need to -- Furthermore, their contents can vary depending on the timing. However, -- we can at least verify that the code doesn't fail. -- -SELECT * FROM pg_log_backend_memory_contexts(pg_backend_pid()); +SELECT pg_log_backend_memory_contexts(pg_backend_pid()); pg_log_backend_memory_contexts -------------------------------- t diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index 83cff902f3..15d9c311d9 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -2413,3 +2413,35 @@ REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; DROP USER regress_locktable_user; +-- test to check privileges of system views pg_shmem_allocations and +-- pg_backend_memory_contexts. +-- switch to superuser +\c - +CREATE ROLE regress_nosprusr_noreadallstats WITH NOSUPERUSER; +SET ROLE regress_nosprusr_noreadallstats; +SELECT COUNT(*) >= 0 AS ok FROM pg_backend_memory_contexts; -- permission denied error +ERROR: permission denied for view pg_backend_memory_contexts +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; -- permission denied error +ERROR: permission denied for view pg_shmem_allocations +-- switch to superuser +\c - +CREATE ROLE regress_nosprusr_readallstats WITH NOSUPERUSER; +GRANT pg_read_all_stats TO regress_nosprusr_readallstats; +SET ROLE regress_nosprusr_readallstats; +SELECT COUNT(*) >= 0 AS ok FROM pg_backend_memory_contexts; + ok +---- + t +(1 row) + +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; + ok +---- + t +(1 row) + +-- switch to superuser +\c - +-- clean up +DROP ROLE regress_nosprusr_noreadallstats; +DROP ROLE regress_nosprusr_readallstats; diff --git a/src/test/regress/sql/misc_functions.sql b/src/test/regress/sql/misc_functions.sql index a398349afc..94bf995fe2 100644 --- a/src/test/regress/sql/misc_functions.sql +++ b/src/test/regress/sql/misc_functions.sql @@ -37,7 +37,7 @@ SELECT num_nulls(); -- Furthermore, their contents can vary depending on the timing. However, -- we can at least verify that the code doesn't fail. -- -SELECT * FROM pg_log_backend_memory_contexts(pg_backend_pid()); +SELECT pg_log_backend_memory_contexts(pg_backend_pid()); -- -- Test some built-in SRFs diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql index 3d1a1db987..2380860184 100644 --- a/src/test/regress/sql/privileges.sql +++ b/src/test/regress/sql/privileges.sql @@ -1476,3 +1476,30 @@ REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; DROP USER regress_locktable_user; + +-- test to check privileges of system views pg_shmem_allocations and +-- pg_backend_memory_contexts. + +-- switch to superuser +\c - + +CREATE ROLE regress_nosprusr_noreadallstats WITH NOSUPERUSER; +SET ROLE regress_nosprusr_noreadallstats; +SELECT COUNT(*) >= 0 AS ok FROM pg_backend_memory_contexts; -- permission denied error +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; -- permission denied error + +-- switch to superuser +\c - + +CREATE ROLE regress_nosprusr_readallstats WITH NOSUPERUSER; +GRANT pg_read_all_stats TO regress_nosprusr_readallstats; +SET ROLE regress_nosprusr_readallstats; +SELECT COUNT(*) >= 0 AS ok FROM pg_backend_memory_contexts; +SELECT COUNT(*) >= 0 AS ok FROM pg_shmem_allocations; + +-- switch to superuser +\c - + +-- clean up +DROP ROLE regress_nosprusr_noreadallstats; +DROP ROLE regress_nosprusr_readallstats; -- 2.25.1