nalyze really
happened, so we could see if there's any less-fragile way of
dealing with this situation.
regards, tom lane
1 11:34:46 CEST - mailprocessor> ERROR: could not resize
>> shared memory segment "/PostgreSQL.2448337832" to 182656 bytes: No
>> space left on device
This seems to indicate that you're hitting some kernel limit on
the amount of POSIX shared memory. Not sure where to look for
that.
regards, tom lane
gone away, though I've not thought
about it very hard.
regards, tom lane
ents.
A volatile function wouldn't use that snapshot, explaining Pierre's
result.
regards, tom lane
200
Add 'directory' format to pg_dump. The new directory format is compatible
with the 'tar' format, in that untarring a tar format archive produces a
valid directory format archive.
regards, tom lane
s a pretty common coding pattern, so I can't get excited
about changing it, especially not in long-stable branches.
regards, tom lane
e Java
app uses? I'm wondering about per-user or per-DB settings of
standard_conforming_strings.
regards, tom lane
traction? But that
would be problematic for outside callers.
In any case this doesn't seem like a sane thing to be redesigning
post-beta. A few months ago maybe we'd have done it, but ...
regards, tom lane
cond wait resolution within the lifespan of libpq.
regards, tom lane
anyway.
(2) I'm less sure about this part, but I seem to recall that openssl
doesn't actually work if given a UNIX socket.
Maybe there are reasons why those arguments are obsolete, but you
haven't presented any.
regards, tom lane
riant of
ALTER DEFAULT PRIVILEGES IN SCHEMA public
REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
Repeat for each schema that you think might be publicly readable
(which is only public by default).
BTW, in PG 15 and up, the public schema is not writable by
default, which attacks basically the same problem from a different
direction.
regards, tom lane
regression=# \c - joe
You are now connected to database "regression" as user "joe".
regression=> copy jt From Program 'echo "Buffa Testata"' CSV;
COPY 1
What PG version are you working with?
regards, tom lane
; OPERATOR(pg_catalog.=) "import_job_oid"" *
I don't know what you're running there, but there is no such error
message in community Postgres. Having said that, maybe what you
need is to *not* have any before trigger applied to the import_file
table.
regards, tom lane
ries for
a GUC? (You could eliminate such inconsistency by storing the data
in a shared catalog, perhaps, but that brings some other concerns.)
I don't really see the value for work expended here.
regards, tom lane
ot be used for anything in that
database, and they might as well not be there. The reason they
are there is merely an implementation detail: CREATE DATABASE clones
those catalogs from the single copy of pg_collation in template0,
which therefore had better include all collations that might be
neede
llow RETURNS together with OUT parameter(s)
is so there's a place to write SETOF if you want that.
Yes, the RETURNS TABLE syntax is somewhat redundant with RETURNS
SETOF. Blame the SQL standard for that.
regards, tom lane
ave a ton of definitional issues (should it
"look through" views, for example?), and second you probably break
applications that are expecting the existing, longstanding definition.
regards, tom lane
[1] https://www.postgresql.org/docs/current/protocol-message-formats.html
urely just the tip of the iceberg of
client-side code that we could break if we change how this
works.
regards, tom lane
"David G. Johnston" writes:
> On Fri, Jun 21, 2024 at 8:51 AM Tom Lane wrote:
>> The PG wire protocol specification [1] defines these fields thus:
>> If the field can be identified as a column of a specific
>> table, the object ID of the table; otherwise
n't forget you have to signal the postmaster to reload
configuration after any change in these files.
regards, tom lane
ame it'd default to.
Another idea could be to enable log_connections on the primary,
and see if the incoming connection request looks different than
you were expecting.
regards, tom lane
mage for the failing case.
Please go to AWS for support for custom AWS stuff.
regards, tom lane
, considerations like these are why there's not features
of this sort in community PG. You can use an extension that
applies some checks, but there's no good way around the "needs
cleartext password" problem for that.
regards, tom lane
on (be specific)? Is the system software
up-to-date?
* What C compiler are you using, and what version exactly?
* What configure options did you use?
regards, tom lane
[1] https://buildfarm.postgresql.org/cgi-bin/show_status.pl
have to negotiate with systemd-coredump to get back any core dump
at all. "man 5 core" can be helpful reading here (personally
I just disable systemd-coredump per the directions shown there).
regards, tom lane
hand, it's hard to get excited about putting
work into improving a behavior that we deprecate using at all.)
regards, tom lane
d of those privileges.
REASSIGN OWNED only changes the ownership of ownable objects.
> I'd still like to see how to list the "privileges for schema
> public",
"\dn+ public" in psql would do that.
regards, tom lane
value of one column that is paired
> with the maximum value of another column in each group when using GROUP BY.
Use window functions (i.e. first_value). This is what they're for,
and they are smart enough to do just one sort for functions sharing
a common window spec.
regards, tom lane
v14 or before. If so, you probably also forgot the
pg_upgrade step --- you can't simply start a new major version
in an old one's data directory.
regards, tom lane
eleases and bug fixes
ago.
regards, tom lane
ve on as an
externally-maintained extension.
Having said that, it is a bit of a development backwater, so you
should probably not count on anyone being interested enough to add
new features to it.
regards, tom lane
lect (interval '1 ');
interval
--
00:00:01
(1 row)
select (interval '1 ' || 'month');
?column?
---
00:00:01month
(1 row)
regards, tom lane
e not
exposed to applications by libpq-fe.h, so your own app's debug
data is not going to contain the details of the struct. But I think
it would be available to gdb if libpq's debug symbols were installed.
regards, tom lane
${TIMEOUT_MINS}'$a"
is supposed to mean, but that's independent of the LIMIT issue.
regards, tom lane
ensure that
> default privileges are altered for every new role that is created going
> forward.
> Have I analyzed this correctly?
You'll also need to repeat the ALTERs in each database of your
installation.
regards, tom lane
Default access privileges
Owner | Schema | Type | Access privileges
---++--+---
joe || function | joe=X/joe
(1 row)
regards, tom lane
the *built in* default privileges for a
given object kind and owner. If there's a relevant entry in
pg_default_acl, it overrides the built-in default during object
creation.
regards, tom lane
, so you wouldn't get the right answer in a backend even
if the function were reachable.
> What you could do is use the dblink extension to connect to the local
> database.
> If you get an error "the database system is shutting down", there is a smart
> shutdown in progres
Possibly plpgsql_check can be set to complain about such cases,
but they're legal according to the language specification.
regards, tom lane
plpgsql_check_function │
> ╞═══╡
> │ warning:0:10:statement block:parameter "d3" is overlapped │
> │ Detail: Local variable overlap function parameter.│
Nice! FWIW, I think the standard terminology is "local variable
shadows function parameter".
regards, tom lane
and INHERIT TRUE to be able to
access the privileges of the role you are nominally a member of. This
extends to ownership checks as well as grantable privileges.
regards, tom lane
FALSE? Does the role granted
>> membership gain any ability it didn't have before in that case?
> Looks like there is one ability.
> Authentication in pg_hba.conf "USER" field via +role syntax.
Hmm, if that check doesn't require INHERIT TRUE I'd say it's
a bug.
regards, tom lane
"David G. Johnston" writes:
> On Mon, Jul 8, 2024 at 2:16 PM Tom Lane wrote:
>> Pavel Luzanov writes:
> On 08.07.2024 22:22, Christophe Pettus wrote:
>>>> This is more curiosity than anything else. In the v16 role system, is
>>>> there actually
"David G. Johnston" writes:
> On Mon, Jul 8, 2024 at 3:08 PM Tom Lane wrote:
>> That doesn't make it not a bug.
> Fair, the code was from a time when membership implied SET permission which
> apparently was, IMO, still is, a sufficient reason to allow a member
Dimitrios Apostolou writes:
> The TABLE test_runs_raw has 1000 partitions on RANGE(workitem_n).
So don't do that. Adding partitions is not cost-free.
regards, tom lane
onment locale
settings.
regards, tom lane
.
On my RHEL8 box, it looks like glibc-locale-source is what
provides most non-C locales.
regards, tom lane
. The page above says they are built for SLES 15 SP5,
but SUSE would have to have screwed up pretty badly for a
package built on SP5 to not run on SP6.
regards, tom lane
connection parameter, like host or port or dbname.
You seem to be trying to specify it as a server parameter, ie inside
the "options" connection parameter.
regards, tom lane
27;re using some other client driver, maybe it doesn't know this
parameter and guesses that it should be passed to the server.
regards, tom lane
15553 session. I kind of wonder if we could suppress these
other log entries too, but it's not very clear how.
If this behavior really annoys you, you can use psql's -W switch
to force it to prompt for a password in advance of knowing whether
the server will demand one.
regards, tom lane
t some steps. Shove the logic
over to the client side and you're good to go.
regards, tom lane
Can you provide a self-contained test
case?
regards, tom lane
he same thing that was reported yesterday:
https://www.postgresql.org/message-id/flat/18562-46a7ee9a7b1ee153%40postgresql.org
regards, tom lane
I'd
expect to see a LOG message in the postmaster log about that, either
something about "setsockopt failed" or "WSAIoctl failed" or "setting
the keepalive idle time is not supported".
Also, if you inquire the value on a non-TCP connection, you'll
get zero
ce
within FROM clauses. Postgres' behavior agrees with the SQL
spec here.)
regards, tom lane
for us.
Sadly, the SQL spec doesn't provide for a FROM clause in UPDATE,
so they offer no guidance. But I doubt we are going to change
this unless the standard defines it and does so in a way that
doesn't match what we're doing.
regards, tom lane
is error-prone (you might test for the wrong cutoff version)
and not very readable.
* We can't retroactively make such a symbol appear in old copies
of libpq-fe.h.
regards, tom lane
timate by creating extended stats on both of
those columns, but really a better idea would be to take a step back
and figure out if those two columns can't be merged into one.
regards, tom lane
xecutable is linking to an old version
of libpq.so. (Running "ldd" on the psql file should confirm that.)
You may have a problem with the library search path being used by the
dynamic loader.
regards, tom lane
hich level the workitem_n and
datatag conditions go at, so this is just a draft-quality
query. But I think the structure is basically okay, given
that you said datatag_n is unique in datatags (so there's no
need to join it in the WITH step).
regards, tom lane
datatype-oid.html
regards, tom lane
ge, expecting
postgresql13-devel to provide whatever you needed from that.
regards, tom lane
rmally get to
escape permission checks when bits of the query are optimized away.
(This is why permission checks are done on the range table not the
plan tree.)
regards, tom lane
a server update.
regards, tom lane
they're determined by the individual opclass. So
anything like this would have to be implemented by dedicated code
in each opclass. Perhaps that's worth doing, but it'd be a fair
amount of work.
regards, tom lane
emon,
this'd be a reasonable thing for a packager to do.
I'd bet a nickel on #1, though, because I've not seen too many
packagers put postgres somewhere other than where they put psql.
"Separate server package" is extremely common though.
regards, tom lane
.
Yeah, it looks like that condition on "table_name" is not getting
pushed down to the scan level anymore. I'm not sure why not,
but will look closer tomorrow.
regards, tom lane
David Rowley writes:
> On Tue, 27 Aug 2024 at 13:40, Tom Lane wrote:
>> Yeah, it looks like that condition on "table_name" is not getting
>> pushed down to the scan level anymore. I'm not sure why not,
>> but will look closer tomorrow.
> So looks like it
t really improve the lexeme-position limit.
(Wanders away wondering if the expanded-datum infrastructure could
be exploited here...)
regards, tom lane
usage_text values, but that certainly looks
like it's possible.) So IMO you have not actually demonstrated that
there is any bug.
regards, tom lane
and R-Tree
* Storage:
*Leaf pages
*(len)(flag)(ltree)
*Non-Leaf
* (len)(flag)(sign)(left_ltree)(right_ltree)
*ALLTRUE: (len)(flag)(left_ltree)(right_ltree)
and that seems consistent with the fact that ltree_consistent
does different things at leaf and non-leaf levels.
regards, tom lane
grant role "eeva_owner"
Works for me. For that matter, given the GRANT WITH ADMIN OPTION,
it works even if "ingmar" isn't a superuser.
I'm betting you weren't actually operating as the "ingmar" role
when you did that, but since you didn't show your steps in any
detail, it's hard to say where you went wrong.
regards, tom lane
, wrap the
emitted commands in BEGIN/COMMIT). This ensures that either all
the commands complete successfully, or no changes are
applied. This option implies --exit-on-error.
regards, tom lane
elasticache? If so, how did it work out?
Looks like it's been done:
https://wiki.postgresql.org/wiki/Foreign_data_wrappers
(No warranty expressed or implied on the quality of these
particular FDWs.)
regards, tom lane
ing the problem trigger function as SECURITY DEFINER
if you want it to run as its owner.
regards, tom lane
regards, tom lane
erlaps
dblink's functionality. dblink sure seems like the path of least
resistance, though.
regards, tom lane
tart but the nested queries are problematic.
Nested queries are irrelevant, because the query is flat (or at least
the rangetable is) by the time it gets to the executor. See
ExecCheckPermissions.
regards, tom lane
did not create
dd_admin.
regards, tom lane
ons as well.
This recent thread might be enlightening:
https://www.postgresql.org/message-id/flat/18604-04d64b68e981ced6%40postgresql.org
If you have a requirement like this, I think the only safe
way to meet it is to not give those users direct SQL access.
Put some kind of restrictive app in front
efined at the parent does not work for me in inherited
> tables. Is it intended that way ?
If you mean when accessing the child tables directly, yes.
regards, tom lane
for AIX is -D_LARGE_FILES=1, but I'm not sure that that
would have any impact during initdb (since we're not dealing with
any large files at that point).
You could perhaps try different -O optimization levels. Also
make sure your xlc is up-to-date.
regards, tom lane
aracter set conversion errors here, as the data
> is temporarily written to a plain text file.
The dump script will include a "SET client_encoding" command to
prevent that.
regards, tom lane
d with. Just fix it; your life
will be less painful.
regards, tom lane
ing. A query that's generated lots of temp files will try to
clean them up at termination, so maybe the backend is just sitting
there removing temp files before it'll give control back.
regards, tom lane
Jerry Sievers writes:
> Tom Lane writes:
>> The "unkillable" aspect is odd, but I wonder if that's just a red
>> herring. A query that's generated lots of temp files will try to
>> clean them up at termination, so maybe the backend is just sitting
>&
an only be performed by a superuser.)
and as far as I can see, the permissions check in vacuum.c implements that
exactly.
regards, tom lane
t;SELECT " +
>"out_uid AS uid," +
regards, tom lane
in (some of?) these reports. The hard part is to hold onto the
Windows error code alongside errno without massively invasive changes.
regards, tom lane
ommit or rollback a transaction (and then start
a new one).
regards, tom lane
regards, tom lane
org/docs/current/libpq-single-row-mode.html
regards, tom lane
Radoslav Nedyalkov writes:
> On Tue, Mar 9, 2021 at 6:03 PM Tom Lane wrote:
>> Perhaps the accumulation is happening on the client side? libpq doesn't
>> have any provision for spilling a result set to disk.
> Ah, I named it result set wrongly perhaps.
> These are
Radoslav Nedyalkov writes:
> On Tue, Mar 9, 2021 at 6:53 PM Tom Lane wrote:
>> The only thing I'm aware of that could consume unbounded memory
>> on the server side is hash aggregation. (v13 has improved that
>> situation, but I'm guessing you are running some
"David G. Johnston" writes:
> On Mon, Mar 8, 2021 at 9:41 PM Tom Lane wrote:
>> Guyren Howe writes:
>>> This seems like an important consideration. I've spent 10 minutes
>>> searching the documentation for PG 11 and can't find where it is
>>&
that 'G' and related format codes act as specified by
your LC_MONETARY locale. If you don't like the results, you need to use
a different locale.
(I suppose you could also use regexp_replace to convert random forms
of whitespace to plain ASCII space.)
regards, tom lane
examples.
I was modeling that on the existing pattern in create_function.sgml,
which has similar verbiage in the EXAMPLES section. But I suppose
we could drop that if we have a link in the description section.
regards, tom lane
"David G. Johnston" writes:
> On Tue, Mar 9, 2021 at 3:21 PM Tom Lane wrote:
>> "David G. Johnston" writes:
>>> Instead of "The difference" or "One difference" I would suggest:
>>> "However, a procedure does not return a v
Vincent Veyron writes:
> Tom Lane wrote:
>> (I suppose you could also use regexp_replace to convert random forms
>> of whitespace to plain ASCII space.)
> No dice. 'G' formatting looks like a whitespace, but is different (it appears
> to be slightly narro
2101 - 2200 of 2962 matches
Mail list logo
