From: Jan Wieck <jwieck@debis.com>
seems that my last post didn't make it through. That's good since the diff itself didn't covered the renaming of pg_user.h to pg_shadow.h and it's new content. Here it's again. The complete regression test passwd with only some float diffs. createuser and destroyuser work. pg_shadow cannot be read by ordinary user.
This commit is contained in:
parent
d067f83b27
commit
780068f812
|
@ -4,7 +4,7 @@
|
|||
# Makefile for catalog
|
||||
#
|
||||
# IDENTIFICATION
|
||||
# $Header: /cvsroot/pgsql/src/backend/catalog/Makefile,v 1.8 1998/01/05 18:42:39 momjian Exp $
|
||||
# $Header: /cvsroot/pgsql/src/backend/catalog/Makefile,v 1.9 1998/02/25 13:05:55 scrappy Exp $
|
||||
#
|
||||
#-------------------------------------------------------------------------
|
||||
|
||||
|
@ -27,7 +27,7 @@ SUBSYS.o: $(OBJS)
|
|||
GENBKI= ./genbki.sh
|
||||
|
||||
GLOBALBKI_SRCS= $(addprefix ../../include/catalog/, \
|
||||
pg_database.h pg_variable.h pg_user.h \
|
||||
pg_database.h pg_variable.h pg_shadow.h \
|
||||
pg_group.h pg_log.h \
|
||||
)
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.6 1998/02/24 03:31:45 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.7 1998/02/25 13:05:57 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* See acl.h.
|
||||
|
@ -32,7 +32,7 @@
|
|||
#include "catalog/pg_aggregate.h"
|
||||
#include "catalog/pg_proc.h"
|
||||
#include "catalog/pg_type.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "parser/parse_agg.h"
|
||||
#include "parser/parse_func.h"
|
||||
#include "utils/syscache.h"
|
||||
|
@ -396,14 +396,14 @@ pg_aclcheck(char *relname, char *usename, AclMode mode)
|
|||
if (!HeapTupleIsValid(htp))
|
||||
elog(ERROR, "pg_aclcheck: user \"%s\" not found",
|
||||
usename);
|
||||
id = (AclId) ((Form_pg_user) GETSTRUCT(htp))->usesysid;
|
||||
id = (AclId) ((Form_pg_shadow) GETSTRUCT(htp))->usesysid;
|
||||
|
||||
/*
|
||||
* for the 'pg_database' relation, check the usecreatedb field before
|
||||
* checking normal permissions
|
||||
*/
|
||||
if (strcmp(DatabaseRelationName, relname) == 0 &&
|
||||
(((Form_pg_user) GETSTRUCT(htp))->usecreatedb))
|
||||
(((Form_pg_shadow) GETSTRUCT(htp))->usecreatedb))
|
||||
{
|
||||
|
||||
/*
|
||||
|
@ -417,12 +417,12 @@ pg_aclcheck(char *relname, char *usename, AclMode mode)
|
|||
|
||||
/*
|
||||
* Deny anyone permission to update a system catalog unless
|
||||
* pg_user.usecatupd is set. (This is to let superusers protect
|
||||
* pg_shadow.usecatupd is set. (This is to let superusers protect
|
||||
* themselves from themselves.)
|
||||
*/
|
||||
if (((mode & ACL_WR) || (mode & ACL_AP)) &&
|
||||
IsSystemRelationName(relname) &&
|
||||
!((Form_pg_user) GETSTRUCT(htp))->usecatupd)
|
||||
!((Form_pg_shadow) GETSTRUCT(htp))->usecatupd)
|
||||
{
|
||||
elog(DEBUG, "pg_aclcheck: catalog update to \"%s\": permission denied",
|
||||
relname);
|
||||
|
@ -432,7 +432,7 @@ pg_aclcheck(char *relname, char *usename, AclMode mode)
|
|||
/*
|
||||
* Otherwise, superusers bypass all permission-checking.
|
||||
*/
|
||||
if (((Form_pg_user) GETSTRUCT(htp))->usesuper)
|
||||
if (((Form_pg_shadow) GETSTRUCT(htp))->usesuper)
|
||||
{
|
||||
#ifdef ACLDEBUG_TRACE
|
||||
elog(DEBUG, "pg_aclcheck: \"%s\" is superuser",
|
||||
|
@ -531,12 +531,12 @@ pg_ownercheck(char *usename,
|
|||
if (!HeapTupleIsValid(htp))
|
||||
elog(ERROR, "pg_ownercheck: user \"%s\" not found",
|
||||
usename);
|
||||
user_id = (AclId) ((Form_pg_user) GETSTRUCT(htp))->usesysid;
|
||||
user_id = (AclId) ((Form_pg_shadow) GETSTRUCT(htp))->usesysid;
|
||||
|
||||
/*
|
||||
* Superusers bypass all permission-checking.
|
||||
*/
|
||||
if (((Form_pg_user) GETSTRUCT(htp))->usesuper)
|
||||
if (((Form_pg_shadow) GETSTRUCT(htp))->usesuper)
|
||||
{
|
||||
#ifdef ACLDEBUG_TRACE
|
||||
elog(DEBUG, "pg_ownercheck: user \"%s\" is superuser",
|
||||
|
@ -597,12 +597,12 @@ pg_func_ownercheck(char *usename,
|
|||
if (!HeapTupleIsValid(htp))
|
||||
elog(ERROR, "pg_func_ownercheck: user \"%s\" not found",
|
||||
usename);
|
||||
user_id = (AclId) ((Form_pg_user) GETSTRUCT(htp))->usesysid;
|
||||
user_id = (AclId) ((Form_pg_shadow) GETSTRUCT(htp))->usesysid;
|
||||
|
||||
/*
|
||||
* Superusers bypass all permission-checking.
|
||||
*/
|
||||
if (((Form_pg_user) GETSTRUCT(htp))->usesuper)
|
||||
if (((Form_pg_shadow) GETSTRUCT(htp))->usesuper)
|
||||
{
|
||||
#ifdef ACLDEBUG_TRACE
|
||||
elog(DEBUG, "pg_ownercheck: user \"%s\" is superuser",
|
||||
|
@ -638,12 +638,12 @@ pg_aggr_ownercheck(char *usename,
|
|||
if (!HeapTupleIsValid(htp))
|
||||
elog(ERROR, "pg_aggr_ownercheck: user \"%s\" not found",
|
||||
usename);
|
||||
user_id = (AclId) ((Form_pg_user) GETSTRUCT(htp))->usesysid;
|
||||
user_id = (AclId) ((Form_pg_shadow) GETSTRUCT(htp))->usesysid;
|
||||
|
||||
/*
|
||||
* Superusers bypass all permission-checking.
|
||||
*/
|
||||
if (((Form_pg_user) GETSTRUCT(htp))->usesuper)
|
||||
if (((Form_pg_shadow) GETSTRUCT(htp))->usesuper)
|
||||
{
|
||||
#ifdef ACLDEBUG_TRACE
|
||||
elog(DEBUG, "pg_aggr_ownercheck: user \"%s\" is superuser",
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.42 1998/02/13 19:45:38 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.43 1998/02/25 13:06:08 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -32,7 +32,7 @@
|
|||
#include <access/genam.h>
|
||||
#include <catalog/pg_type.h>
|
||||
#include <catalog/catname.h>
|
||||
#include <catalog/pg_user.h>
|
||||
#include <catalog/pg_shadow.h>
|
||||
#include <commands/copy.h>
|
||||
#include "commands/trigger.h"
|
||||
#include <storage/fd.h>
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.6 1998/01/31 04:38:19 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.7 1998/02/25 13:06:09 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -25,7 +25,7 @@
|
|||
#include "utils/elog.h"
|
||||
#include "catalog/catname.h"
|
||||
#include "catalog/pg_proc.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "catalog/pg_database.h"
|
||||
#include "utils/syscache.h"
|
||||
#include "commands/dbcommands.h"
|
||||
|
@ -211,9 +211,9 @@ check_permissions(char *command,
|
|||
userName = GetPgUserName();
|
||||
utup = SearchSysCacheTuple(USENAME, PointerGetDatum(userName),
|
||||
0, 0, 0);
|
||||
*userIdP = ((Form_pg_user) GETSTRUCT(utup))->usesysid;
|
||||
use_super = ((Form_pg_user) GETSTRUCT(utup))->usesuper;
|
||||
use_createdb = ((Form_pg_user) GETSTRUCT(utup))->usecreatedb;
|
||||
*userIdP = ((Form_pg_shadow) GETSTRUCT(utup))->usesysid;
|
||||
use_super = ((Form_pg_shadow) GETSTRUCT(utup))->usesuper;
|
||||
use_createdb = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb;
|
||||
|
||||
/* Check to make sure user has permission to use createdb */
|
||||
if (!use_createdb)
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/define.c,v 1.22 1998/02/13 13:23:33 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/define.c,v 1.23 1998/02/25 13:06:12 scrappy Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* The "DefineFoo" routines take the parse tree and pick out the
|
||||
|
@ -52,7 +52,7 @@
|
|||
#include <commands/defrem.h>
|
||||
#include <optimizer/xfunc.h>
|
||||
#include <tcop/dest.h>
|
||||
#include <catalog/pg_user.h>
|
||||
#include <catalog/pg_shadow.h>
|
||||
|
||||
static char *defGetString(DefElem *def);
|
||||
static int defGetTypeLength(DefElem *def);
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
#include "access/heapam.h"
|
||||
#include "catalog/catname.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "catalog/pg_proc.h"
|
||||
#include "catalog/pg_language.h"
|
||||
#include "utils/syscache.h"
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
#include <miscadmin.h>
|
||||
#include <catalog/catname.h>
|
||||
#include <catalog/pg_database.h>
|
||||
#include <catalog/pg_user.h>
|
||||
#include <catalog/pg_shadow.h>
|
||||
#include <libpq/crypt.h>
|
||||
#include <access/heapam.h>
|
||||
#include <access/xact.h>
|
||||
|
@ -38,7 +38,7 @@ static void CheckPgUserAclNotNull(void);
|
|||
/*---------------------------------------------------------------------
|
||||
* UpdatePgPwdFile
|
||||
*
|
||||
* copy the modified contents of pg_user to a file used by the postmaster
|
||||
* copy the modified contents of pg_shadow to a file used by the postmaster
|
||||
* for user authentication. The file is stored as $PGDATA/pg_pwd.
|
||||
*---------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -56,11 +56,11 @@ void UpdatePgPwdFile(char* sql) {
|
|||
tempname = (char*)malloc(strlen(filename) + 12);
|
||||
sprintf(tempname, "%s.%d", filename, MyProcPid);
|
||||
|
||||
/* Copy the contents of pg_user to the pg_pwd ASCII file using a the SEPCHAR
|
||||
/* Copy the contents of pg_shadow to the pg_pwd ASCII file using a the SEPCHAR
|
||||
* character as the delimiter between fields. Then rename the file to its
|
||||
* final name.
|
||||
*/
|
||||
sprintf(sql, "copy %s to '%s' using delimiters %s", UserRelationName, tempname, CRYPT_PWD_FILE_SEPCHAR);
|
||||
sprintf(sql, "copy %s to '%s' using delimiters %s", ShadowRelationName, tempname, CRYPT_PWD_FILE_SEPCHAR);
|
||||
pg_exec_query(sql, (char**)NULL, (Oid*)NULL, 0);
|
||||
rename(tempname, filename);
|
||||
free((void*)tempname);
|
||||
|
@ -76,15 +76,15 @@ void UpdatePgPwdFile(char* sql) {
|
|||
/*---------------------------------------------------------------------
|
||||
* DefineUser
|
||||
*
|
||||
* Add the user to the pg_user relation, and if specified make sure the
|
||||
* Add the user to the pg_shadow relation, and if specified make sure the
|
||||
* user is specified in the desired groups of defined in pg_group.
|
||||
*---------------------------------------------------------------------
|
||||
*/
|
||||
void DefineUser(CreateUserStmt *stmt) {
|
||||
|
||||
char* pg_user;
|
||||
Relation pg_user_rel;
|
||||
TupleDesc pg_user_dsc;
|
||||
Relation pg_shadow_rel;
|
||||
TupleDesc pg_shadow_dsc;
|
||||
HeapScanDesc scan;
|
||||
HeapTuple tuple;
|
||||
Datum datum;
|
||||
|
@ -101,34 +101,34 @@ void DefineUser(CreateUserStmt *stmt) {
|
|||
if (!(inblock = IsTransactionBlock()))
|
||||
BeginTransactionBlock();
|
||||
|
||||
/* Make sure the user attempting to create a user can insert into the pg_user
|
||||
/* Make sure the user attempting to create a user can insert into the pg_shadow
|
||||
* relation.
|
||||
*/
|
||||
pg_user = GetPgUserName();
|
||||
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) {
|
||||
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) {
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "defineUser: user \"%s\" does not have SELECT and INSERT privilege for \"%s\"",
|
||||
pg_user, UserRelationName);
|
||||
pg_user, ShadowRelationName);
|
||||
return;
|
||||
}
|
||||
|
||||
/* Scan the pg_user relation to be certain the user doesn't already exist.
|
||||
/* Scan the pg_shadow relation to be certain the user doesn't already exist.
|
||||
*/
|
||||
pg_user_rel = heap_openr(UserRelationName);
|
||||
pg_user_dsc = RelationGetTupleDescriptor(pg_user_rel);
|
||||
/* Secure a write lock on pg_user so we can be sure of what the next usesysid
|
||||
pg_shadow_rel = heap_openr(ShadowRelationName);
|
||||
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
|
||||
/* Secure a write lock on pg_shadow so we can be sure of what the next usesysid
|
||||
* should be.
|
||||
*/
|
||||
RelationSetLockForWrite(pg_user_rel);
|
||||
RelationSetLockForWrite(pg_shadow_rel);
|
||||
|
||||
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
|
||||
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
|
||||
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
|
||||
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_user_dsc, &n);
|
||||
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
|
||||
|
||||
if (!exists && !strncmp((char*)datum, stmt->user, strlen(stmt->user)))
|
||||
exists = true;
|
||||
|
||||
datum = heap_getattr(tuple, Anum_pg_user_usesysid, pg_user_dsc, &n);
|
||||
datum = heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_shadow_dsc, &n);
|
||||
if ((int)datum > max_id)
|
||||
max_id = (int)datum;
|
||||
|
||||
|
@ -137,8 +137,8 @@ void DefineUser(CreateUserStmt *stmt) {
|
|||
heap_endscan(scan);
|
||||
|
||||
if (exists) {
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "defineUser: user \"%s\" has already been created", stmt->user);
|
||||
return;
|
||||
|
@ -146,7 +146,7 @@ void DefineUser(CreateUserStmt *stmt) {
|
|||
|
||||
/* Build the insert statment to be executed.
|
||||
*/
|
||||
sprintf(sql, "insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper,usecatupd,passwd", UserRelationName);
|
||||
sprintf(sql, "insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper,usecatupd,passwd", ShadowRelationName);
|
||||
/* if (stmt->password)
|
||||
strcat(sql, ",passwd"); -- removed so that insert empty string when no password */
|
||||
if (stmt->validUntil)
|
||||
|
@ -186,8 +186,8 @@ void DefineUser(CreateUserStmt *stmt) {
|
|||
/* This goes after the UpdatePgPwdFile to be certain that two backends to not
|
||||
* attempt to write to the pg_pwd file at the same time.
|
||||
*/
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
|
||||
if (IsTransactionBlock() && !inblock)
|
||||
EndTransactionBlock();
|
||||
|
@ -197,8 +197,8 @@ void DefineUser(CreateUserStmt *stmt) {
|
|||
extern void AlterUser(AlterUserStmt *stmt) {
|
||||
|
||||
char* pg_user;
|
||||
Relation pg_user_rel;
|
||||
TupleDesc pg_user_dsc;
|
||||
Relation pg_shadow_rel;
|
||||
TupleDesc pg_shadow_dsc;
|
||||
HeapScanDesc scan;
|
||||
HeapTuple tuple;
|
||||
Datum datum;
|
||||
|
@ -214,29 +214,29 @@ extern void AlterUser(AlterUserStmt *stmt) {
|
|||
if (!(inblock = IsTransactionBlock()))
|
||||
BeginTransactionBlock();
|
||||
|
||||
/* Make sure the user attempting to create a user can insert into the pg_user
|
||||
/* Make sure the user attempting to create a user can insert into the pg_shadow
|
||||
* relation.
|
||||
*/
|
||||
pg_user = GetPgUserName();
|
||||
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
|
||||
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "alterUser: user \"%s\" does not have SELECT and UPDATE privilege for \"%s\"",
|
||||
pg_user, UserRelationName);
|
||||
pg_user, ShadowRelationName);
|
||||
return;
|
||||
}
|
||||
|
||||
/* Scan the pg_user relation to be certain the user exists.
|
||||
/* Scan the pg_shadow relation to be certain the user exists.
|
||||
*/
|
||||
pg_user_rel = heap_openr(UserRelationName);
|
||||
pg_user_dsc = RelationGetTupleDescriptor(pg_user_rel);
|
||||
/* Secure a write lock on pg_user so we can be sure that when the dump of
|
||||
pg_shadow_rel = heap_openr(ShadowRelationName);
|
||||
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
|
||||
/* Secure a write lock on pg_shadow so we can be sure that when the dump of
|
||||
* the pg_pwd file is done, there is not another backend doing the same.
|
||||
*/
|
||||
RelationSetLockForWrite(pg_user_rel);
|
||||
RelationSetLockForWrite(pg_shadow_rel);
|
||||
|
||||
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
|
||||
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
|
||||
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
|
||||
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_user_dsc, &n);
|
||||
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
|
||||
|
||||
if (!strncmp((char*)datum, stmt->user, strlen(stmt->user))) {
|
||||
exists = true;
|
||||
|
@ -247,8 +247,8 @@ extern void AlterUser(AlterUserStmt *stmt) {
|
|||
heap_endscan(scan);
|
||||
|
||||
if (!exists) {
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "alterUser: user \"%s\" does not exist", stmt->user);
|
||||
return;
|
||||
|
@ -256,7 +256,7 @@ extern void AlterUser(AlterUserStmt *stmt) {
|
|||
|
||||
/* Create the update statement to modify the user.
|
||||
*/
|
||||
sprintf(sql, "update %s set", UserRelationName);
|
||||
sprintf(sql, "update %s set", ShadowRelationName);
|
||||
sql_end = sql;
|
||||
if (stmt->password) {
|
||||
sql_end += strlen(sql_end);
|
||||
|
@ -296,8 +296,8 @@ extern void AlterUser(AlterUserStmt *stmt) {
|
|||
|
||||
UpdatePgPwdFile(sql);
|
||||
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
|
||||
if (IsTransactionBlock() && !inblock)
|
||||
EndTransactionBlock();
|
||||
|
@ -307,7 +307,7 @@ extern void AlterUser(AlterUserStmt *stmt) {
|
|||
extern void RemoveUser(char* user) {
|
||||
|
||||
char* pg_user;
|
||||
Relation pg_user_rel,
|
||||
Relation pg_shadow_rel,
|
||||
pg_rel;
|
||||
TupleDesc pg_dsc;
|
||||
HeapScanDesc scan;
|
||||
|
@ -324,33 +324,33 @@ extern void RemoveUser(char* user) {
|
|||
if (!(inblock = IsTransactionBlock()))
|
||||
BeginTransactionBlock();
|
||||
|
||||
/* Make sure the user attempting to create a user can delete from the pg_user
|
||||
/* Make sure the user attempting to create a user can delete from the pg_shadow
|
||||
* relation.
|
||||
*/
|
||||
pg_user = GetPgUserName();
|
||||
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
|
||||
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "removeUser: user \"%s\" does not have SELECT and DELETE privilege for \"%s\"",
|
||||
pg_user, UserRelationName);
|
||||
pg_user, ShadowRelationName);
|
||||
return;
|
||||
}
|
||||
|
||||
/* Perform a scan of the pg_user relation to find the usesysid of the user to
|
||||
/* Perform a scan of the pg_shadow relation to find the usesysid of the user to
|
||||
* be deleted. If it is not found, then return a warning message.
|
||||
*/
|
||||
pg_user_rel = heap_openr(UserRelationName);
|
||||
pg_dsc = RelationGetTupleDescriptor(pg_user_rel);
|
||||
/* Secure a write lock on pg_user so we can be sure that when the dump of
|
||||
pg_shadow_rel = heap_openr(ShadowRelationName);
|
||||
pg_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
|
||||
/* Secure a write lock on pg_shadow so we can be sure that when the dump of
|
||||
* the pg_pwd file is done, there is not another backend doing the same.
|
||||
*/
|
||||
RelationSetLockForWrite(pg_user_rel);
|
||||
RelationSetLockForWrite(pg_shadow_rel);
|
||||
|
||||
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
|
||||
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
|
||||
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
|
||||
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_dsc, &n);
|
||||
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_dsc, &n);
|
||||
|
||||
if (!strncmp((char*)datum, user, strlen(user))) {
|
||||
usesysid = (int)heap_getattr(tuple, Anum_pg_user_usesysid, pg_dsc, &n);
|
||||
usesysid = (int)heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_dsc, &n);
|
||||
ReleaseBuffer(buffer);
|
||||
break;
|
||||
}
|
||||
|
@ -359,8 +359,8 @@ extern void RemoveUser(char* user) {
|
|||
heap_endscan(scan);
|
||||
|
||||
if (usesysid == -1) {
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
UserAbortTransactionBlock();
|
||||
elog(ERROR, "removeUser: user \"%s\" does not exist", user);
|
||||
return;
|
||||
|
@ -399,8 +399,8 @@ extern void RemoveUser(char* user) {
|
|||
if (dbase)
|
||||
free((void*)dbase);
|
||||
|
||||
/* Since pg_user is global over all databases, one of two things must be done
|
||||
* to insure complete consistency. First, pg_user could be made non-global.
|
||||
/* Since pg_shadow is global over all databases, one of two things must be done
|
||||
* to insure complete consistency. First, pg_shadow could be made non-global.
|
||||
* This would elminate the code above for deleting database and would require
|
||||
* the addition of code to delete tables, views, etc owned by the user.
|
||||
*
|
||||
|
@ -414,15 +414,15 @@ extern void RemoveUser(char* user) {
|
|||
*
|
||||
*/
|
||||
|
||||
/* Remove the user from the pg_user table
|
||||
/* Remove the user from the pg_shadow table
|
||||
*/
|
||||
sprintf(sql, "delete from %s where usename = '%s'", UserRelationName, user);
|
||||
sprintf(sql, "delete from %s where usename = '%s'", ShadowRelationName, user);
|
||||
pg_exec_query(sql, (char**)NULL, (Oid*)NULL, 0);
|
||||
|
||||
UpdatePgPwdFile(sql);
|
||||
|
||||
RelationUnsetLockForWrite(pg_user_rel);
|
||||
heap_close(pg_user_rel);
|
||||
RelationUnsetLockForWrite(pg_shadow_rel);
|
||||
heap_close(pg_shadow_rel);
|
||||
|
||||
if (IsTransactionBlock() && !inblock)
|
||||
EndTransactionBlock();
|
||||
|
@ -431,25 +431,25 @@ extern void RemoveUser(char* user) {
|
|||
/*
|
||||
* CheckPgUserAclNotNull
|
||||
*
|
||||
* check to see if there is an ACL on pg_user
|
||||
* check to see if there is an ACL on pg_shadow
|
||||
*/
|
||||
static void CheckPgUserAclNotNull()
|
||||
{
|
||||
HeapTuple htp;
|
||||
|
||||
htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(UserRelationName),
|
||||
htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(ShadowRelationName),
|
||||
0, 0, 0);
|
||||
if (!HeapTupleIsValid(htp))
|
||||
{
|
||||
elog(ERROR, "IsPgUserAclNull: class \"%s\" not found",
|
||||
UserRelationName);
|
||||
ShadowRelationName);
|
||||
}
|
||||
|
||||
if (heap_attisnull(htp, Anum_pg_class_relacl))
|
||||
{
|
||||
elog(NOTICE, "To use passwords, you have to revoke permissions on pg_user");
|
||||
elog(NOTICE, "To use passwords, you have to revoke permissions on pg_shadow");
|
||||
elog(NOTICE, "so normal users can not read the passwords.");
|
||||
elog(ERROR, "Try 'REVOKE ALL ON pg_user FROM PUBLIC'");
|
||||
elog(ERROR, "Try 'REVOKE ALL ON pg_shadow FROM PUBLIC'");
|
||||
}
|
||||
|
||||
return;
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.25 1998/01/31 20:12:06 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.26 1998/02/25 13:06:49 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -605,7 +605,7 @@ static void readPasswordPacket(char *arg, PacketLen len, char *pkt)
|
|||
|
||||
/*
|
||||
* Use the local flat password file if clear passwords are used and the file is
|
||||
* specified. Otherwise use the password in the pg_user table, encrypted or
|
||||
* specified. Otherwise use the password in the pg_shadow table, encrypted or
|
||||
* not.
|
||||
*/
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*-------------------------------------------------------------------------
|
||||
*
|
||||
* crypt.c--
|
||||
* Look into pg_user and check the encrypted password with the one
|
||||
* Look into pg_shadow and check the encrypted password with the one
|
||||
* passed in from the frontend.
|
||||
*
|
||||
* Modification History
|
||||
|
@ -119,7 +119,7 @@ void crypt_loadpwdfile() {
|
|||
|
||||
/* We want to delete the flag file before reading the contents of the pg_pwd
|
||||
* file. If result == 0 then the unlink of the reload file was successful.
|
||||
* This means that a backend performed a COPY of the pg_user file to
|
||||
* This means that a backend performed a COPY of the pg_shadow file to
|
||||
* pg_pwd. Therefore we must now do a reload.
|
||||
*/
|
||||
if (!pwd_cache || !result) {
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.4 1998/02/18 07:25:57 thomas Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.5 1998/02/25 13:07:08 scrappy Exp $
|
||||
*
|
||||
* HISTORY
|
||||
* AUTHOR DATE MAJOR EVENT
|
||||
|
@ -88,7 +88,7 @@ Oid param_type(int t); /* used in parse_expr.c */
|
|||
char chr;
|
||||
char *str;
|
||||
bool boolean;
|
||||
bool* pboolean; /* for pg_user privileges */
|
||||
bool* pboolean; /* for pg_shadow privileges */
|
||||
List *list;
|
||||
Node *node;
|
||||
Value *value;
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.12 1998/02/21 06:31:57 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.13 1998/02/25 13:07:18 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -32,7 +32,7 @@
|
|||
|
||||
#include "utils/syscache.h"
|
||||
#include "utils/acl.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
|
||||
static void ApplyRetrieveRule(Query *parsetree, RewriteRule *rule,
|
||||
int rt_index, int relation_level,
|
||||
|
@ -827,7 +827,7 @@ CheckViewPerms(Relation view, List *rtable)
|
|||
view->rd_rel->relowner);
|
||||
}
|
||||
StrNCpy(uname.data,
|
||||
((Form_pg_user) GETSTRUCT(utup))->usename.data,
|
||||
((Form_pg_shadow) GETSTRUCT(utup))->usename.data,
|
||||
NAMEDATALEN);
|
||||
|
||||
/*
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.25 1998/02/24 03:31:47 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.26 1998/02/25 13:07:43 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -19,7 +19,7 @@
|
|||
#include "utils/acl.h"
|
||||
#include "utils/syscache.h"
|
||||
#include "catalog/catalog.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "miscadmin.h"
|
||||
|
||||
static char *getid(char *s, char *n);
|
||||
|
@ -158,7 +158,7 @@ aclparse(char *s, AclItem *aip, unsigned *modechg)
|
|||
0, 0, 0);
|
||||
if (!HeapTupleIsValid(htp))
|
||||
elog(ERROR, "aclparse: non-existent user \"%s\"", name);
|
||||
aip->ai_id = ((Form_pg_user) GETSTRUCT(htp))->usesysid;
|
||||
aip->ai_id = ((Form_pg_shadow) GETSTRUCT(htp))->usesysid;
|
||||
break;
|
||||
case ACL_IDTYPE_GID:
|
||||
aip->ai_id = get_grosysid(name);
|
||||
|
@ -285,7 +285,7 @@ aclitemout(AclItem *aip)
|
|||
pfree(tmp);
|
||||
}
|
||||
else
|
||||
strncat(p, (char *) &((Form_pg_user)
|
||||
strncat(p, (char *) &((Form_pg_shadow)
|
||||
GETSTRUCT(htp))->usename,
|
||||
sizeof(NameData));
|
||||
break;
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/syscache.c,v 1.14 1998/02/11 19:12:49 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/syscache.c,v 1.15 1998/02/25 13:07:50 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* These routines allow the parser/planner/executor to perform
|
||||
|
@ -48,7 +48,7 @@
|
|||
#include "catalog/pg_type.h"
|
||||
#include "catalog/pg_rewrite.h"
|
||||
#include "catalog/pg_aggregate.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "storage/large_object.h"
|
||||
#include "catalog/pg_listener.h"
|
||||
|
||||
|
@ -254,22 +254,22 @@ static struct cachedesc cacheinfo[] = {
|
|||
sizeof(FormData_pg_listener),
|
||||
NULL,
|
||||
(ScanFunc) NULL},
|
||||
{UserRelationName, /* USENAME */
|
||||
{ShadowRelationName, /* USENAME */
|
||||
1,
|
||||
{Anum_pg_user_usename,
|
||||
{Anum_pg_shadow_usename,
|
||||
0,
|
||||
0,
|
||||
0},
|
||||
sizeof(FormData_pg_user),
|
||||
sizeof(FormData_pg_shadow),
|
||||
NULL,
|
||||
(ScanFunc) NULL},
|
||||
{UserRelationName, /* USESYSID */
|
||||
{ShadowRelationName, /* USESYSID */
|
||||
1,
|
||||
{Anum_pg_user_usesysid,
|
||||
{Anum_pg_shadow_usesysid,
|
||||
0,
|
||||
0,
|
||||
0},
|
||||
sizeof(FormData_pg_user),
|
||||
sizeof(FormData_pg_shadow),
|
||||
NULL,
|
||||
(ScanFunc) NULL},
|
||||
{GroupRelationName, /* GRONAME */
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/globals.c,v 1.19 1998/01/26 01:41:42 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/globals.c,v 1.20 1998/02/25 13:08:00 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* Globals used all over the place should be declared here and not
|
||||
|
@ -110,7 +110,7 @@ char *SharedSystemRelationNames[] = {
|
|||
DatabaseRelationName,
|
||||
GroupRelationName,
|
||||
LogRelationName,
|
||||
UserRelationName,
|
||||
ShadowRelationName,
|
||||
VariableRelationName,
|
||||
0
|
||||
};
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.10 1998/02/24 15:20:16 scrappy Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.11 1998/02/25 13:08:09 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -32,7 +32,7 @@
|
|||
#include "miscadmin.h" /* where the declarations go */
|
||||
|
||||
#include "catalog/catname.h"
|
||||
#include "catalog/pg_user.h"
|
||||
#include "catalog/pg_shadow.h"
|
||||
#include "catalog/pg_proc.h"
|
||||
#include "utils/syscache.h"
|
||||
|
||||
|
@ -483,6 +483,6 @@ SetUserId()
|
|||
if (!HeapTupleIsValid(userTup))
|
||||
elog(FATAL, "SetUserId: user \"%s\" is not in \"%s\"",
|
||||
userName,
|
||||
UserRelationName);
|
||||
UserId = (Oid) ((Form_pg_user) GETSTRUCT(userTup))->usesysid;
|
||||
ShadowRelationName);
|
||||
UserId = (Oid) ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid;
|
||||
}
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/misc/superuser.c,v 1.4 1997/09/08 02:32:00 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/misc/superuser.c,v 1.5 1998/02/25 13:08:23 scrappy Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* See superuser().
|
||||
|
@ -17,7 +17,7 @@
|
|||
|
||||
#include <postgres.h>
|
||||
#include <utils/syscache.h>
|
||||
#include <catalog/pg_user.h>
|
||||
#include <catalog/pg_shadow.h>
|
||||
|
||||
bool
|
||||
superuser(void)
|
||||
|
@ -33,5 +33,5 @@ superuser(void)
|
|||
utup = SearchSysCacheTuple(USENAME, PointerGetDatum(UserName),
|
||||
0, 0, 0);
|
||||
Assert(utup != NULL);
|
||||
return ((Form_pg_user) GETSTRUCT(utup))->usesuper;
|
||||
return ((Form_pg_shadow) GETSTRUCT(utup))->usesuper;
|
||||
}
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
#
|
||||
#
|
||||
# IDENTIFICATION
|
||||
# $Header: /cvsroot/pgsql/src/bin/createuser/Attic/createuser.sh,v 1.8 1997/05/07 02:59:46 scrappy Exp $
|
||||
# $Header: /cvsroot/pgsql/src/bin/createuser/Attic/createuser.sh,v 1.9 1998/02/25 13:08:37 scrappy Exp $
|
||||
#
|
||||
# Note - this should NOT be setuid.
|
||||
#
|
||||
|
@ -203,7 +203,7 @@ else
|
|||
CANADDUSER=f
|
||||
fi
|
||||
|
||||
QUERY="insert into pg_user \
|
||||
QUERY="insert into pg_shadow \
|
||||
(usename, usesysid, usecreatedb, usetrace, usesuper, usecatupd) \
|
||||
values \
|
||||
('$NEWUSER', $SYSID, '$CANCREATE', 't', '$CANADDUSER','t')"
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
#
|
||||
#
|
||||
# IDENTIFICATION
|
||||
# $Header: /cvsroot/pgsql/src/bin/destroyuser/Attic/destroyuser.sh,v 1.7 1997/05/07 02:59:52 scrappy Exp $
|
||||
# $Header: /cvsroot/pgsql/src/bin/destroyuser/Attic/destroyuser.sh,v 1.8 1998/02/25 13:08:55 scrappy Exp $
|
||||
#
|
||||
# Note - this should NOT be setuid.
|
||||
#
|
||||
|
@ -182,7 +182,7 @@ then
|
|||
done
|
||||
fi
|
||||
|
||||
QUERY="delete from pg_user where usename = '$DELUSER'"
|
||||
QUERY="delete from pg_shadow where usename = '$DELUSER'"
|
||||
|
||||
$PSQL -c "$QUERY" template1
|
||||
if [ $? -ne 0 ]
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
#
|
||||
#
|
||||
# IDENTIFICATION
|
||||
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.36 1998/02/23 20:32:40 scrappy Exp $
|
||||
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.37 1998/02/25 13:09:02 scrappy Exp $
|
||||
#
|
||||
#-------------------------------------------------------------------------
|
||||
|
||||
|
@ -351,21 +351,32 @@ echo "vacuuming template1"
|
|||
echo "vacuum" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "^DEBUG:"
|
||||
|
||||
echo "COPY pg_user TO '$PGDATA/pg_pwd' USING DELIMITERS '\\t'" |\
|
||||
echo "COPY pg_shadow TO '$PGDATA/pg_pwd' USING DELIMITERS '\\t'" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "'DEBUG:"
|
||||
|
||||
echo "GRANT SELECT ON pg_class TO PUBLIC" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
|
||||
echo "CREATE RULE pg_user_hide_pw as on SELECT to pg_user.passwd DO INSTEAD SELECT '********' as passwd;" | \
|
||||
echo "creating public pg_user view"
|
||||
echo "CREATE TABLE xpg_user ( \
|
||||
usename name, \
|
||||
usesysid int4, \
|
||||
usecreatedb bool, \
|
||||
usetrace bool, \
|
||||
usesuper bool, \
|
||||
usecatupd bool, \
|
||||
passwd text, \
|
||||
valuntil abstime);" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "'DEBUG:"
|
||||
|
||||
echo "create view db_user as select * from pg_user;" |\
|
||||
echo "UPDATE pg_class SET relname = 'pg_user' WHERE relname = 'xpg_user';" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "'DEBUG:"
|
||||
echo "grant select on db_user to public" |\
|
||||
echo "CREATE RULE _RETpg_user AS ON SELECT TO pg_user DO INSTEAD \
|
||||
SELECT usename, usesysid, usecreatedb, usetrace, \
|
||||
usesuper, usecatupd, '********'::text as passwd, \
|
||||
valuntil FROM pg_shadow;" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "'DEBUG:"
|
||||
echo "REVOKE ALL on pg_shadow FROM public" |\
|
||||
postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
|
||||
grep -v "'DEBUG:"
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: catname.h,v 1.8 1997/11/15 20:57:38 momjian Exp $
|
||||
* $Id: catname.h,v 1.9 1998/02/25 13:09:21 scrappy Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
@ -35,9 +35,9 @@
|
|||
#define ProcedureRelationName "pg_proc"
|
||||
#define RelationRelationName "pg_class"
|
||||
#define RewriteRelationName "pg_rewrite"
|
||||
#define ShadowRelationName "pg_shadow"
|
||||
#define StatisticRelationName "pg_statistic"
|
||||
#define TypeRelationName "pg_type"
|
||||
#define UserRelationName "pg_user"
|
||||
#define VariableRelationName "pg_variable"
|
||||
#define VersionRelationName "pg_version"
|
||||
#define AttrDefaultRelationName "pg_attrdef"
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: pg_attribute.h,v 1.28 1998/02/13 19:46:09 momjian Exp $
|
||||
* $Id: pg_attribute.h,v 1.29 1998/02/25 13:09:24 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* the genbki.sh script reads this file and generates .bki
|
||||
|
@ -275,7 +275,7 @@ DATA(insert OID = 0 ( 1255 xmax 28 0 4 -5 0 -1 -1 f f i f f));
|
|||
DATA(insert OID = 0 ( 1255 cmax 29 0 4 -6 0 -1 -1 t f i f f));
|
||||
|
||||
/* ----------------
|
||||
* pg_user
|
||||
* pg_shadow
|
||||
* ----------------
|
||||
*/
|
||||
DATA(insert OID = 0 ( 1260 usename 19 0 NAMEDATALEN 1 0 -1 -1 f f i f f));
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: pg_class.h,v 1.18 1998/01/16 23:20:52 momjian Exp $
|
||||
* $Id: pg_class.h,v 1.19 1998/02/25 13:09:25 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* ``pg_relation'' is being replaced by ``pg_class''. currently
|
||||
|
@ -125,7 +125,7 @@ DATA(insert OID = 1255 ( pg_proc 81 PGUID 0 0 0 f f r 16 0 0 f _null_ ));
|
|||
DESCR("");
|
||||
DATA(insert OID = 1259 ( pg_class 83 PGUID 0 0 0 f f r 14 0 0 f _null_ ));
|
||||
DESCR("");
|
||||
DATA(insert OID = 1260 ( pg_user 86 PGUID 0 0 0 f t r 8 0 0 f _null_ ));
|
||||
DATA(insert OID = 1260 ( pg_shadow 86 PGUID 0 0 0 f t r 8 0 0 f _null_ ));
|
||||
DESCR("");
|
||||
DATA(insert OID = 1261 ( pg_group 87 PGUID 0 0 0 f t s 3 0 0 f _null_ ));
|
||||
DESCR("");
|
||||
|
@ -146,7 +146,7 @@ DESCR("");
|
|||
#define RelOid_pg_attribute 1249
|
||||
#define RelOid_pg_proc 1255
|
||||
#define RelOid_pg_class 1259
|
||||
#define RelOid_pg_user 1260
|
||||
#define RelOid_pg_shadow 1260
|
||||
#define RelOid_pg_group 1261
|
||||
#define RelOid_pg_database 1262
|
||||
#define RelOid_pg_variable 1264
|
||||
|
|
|
@ -0,0 +1,105 @@
|
|||
/*-------------------------------------------------------------------------
|
||||
*
|
||||
* pg_shadow.h--
|
||||
* definition of the system "shadow" relation (pg_shadow)
|
||||
* along with the relation's initial contents.
|
||||
* pg_user is now a public accessible view on pg_shadow.
|
||||
*
|
||||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: pg_shadow.h,v 1.1 1998/02/25 13:09:26 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* the genbki.sh script reads this file and generates .bki
|
||||
* information from the DATA() statements.
|
||||
*
|
||||
* WHENEVER the definition for pg_shadow changes, the
|
||||
* view creation of pg_user must be changed in initdb.sh!
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
#ifndef PG_SHADOW_H
|
||||
#define PG_SHADOW_H
|
||||
|
||||
|
||||
/* Prototype required for superuser() from superuser.c */
|
||||
|
||||
bool superuser(void);
|
||||
|
||||
/* ----------------
|
||||
* pg_shadow definition. cpp turns this into
|
||||
* typedef struct FormData_pg_shadow
|
||||
* ----------------
|
||||
*/
|
||||
CATALOG(pg_shadow) BOOTSTRAP
|
||||
{
|
||||
NameData usename;
|
||||
int4 usesysid;
|
||||
bool usecreatedb;
|
||||
bool usetrace;
|
||||
bool usesuper;
|
||||
bool usecatupd;
|
||||
text passwd;
|
||||
int4 valuntil;
|
||||
} FormData_pg_shadow;
|
||||
|
||||
/* ----------------
|
||||
* Form_pg_shadow corresponds to a pointer to a tuple with
|
||||
* the format of pg_shadow relation.
|
||||
* ----------------
|
||||
*/
|
||||
typedef FormData_pg_shadow *Form_pg_shadow;
|
||||
|
||||
/* ----------------
|
||||
* compiler constants for pg_shadow
|
||||
* ----------------
|
||||
*/
|
||||
#define Natts_pg_shadow 8
|
||||
#define Anum_pg_shadow_usename 1
|
||||
#define Anum_pg_shadow_usesysid 2
|
||||
#define Anum_pg_shadow_usecreatedb 3
|
||||
#define Anum_pg_shadow_usetrace 4
|
||||
#define Anum_pg_shadow_usesuper 5
|
||||
#define Anum_pg_shadow_usecatupd 6
|
||||
#define Anum_pg_shadow_passwd 7
|
||||
#define Anum_pg_shadow_valuntil 8
|
||||
|
||||
/* ----------------
|
||||
* initial contents of pg_shadow
|
||||
* ----------------
|
||||
*/
|
||||
DATA(insert OID = 0 ( postgres PGUID t t t t _null_ 2116994400 ));
|
||||
|
||||
BKI_BEGIN
|
||||
#ifdef ALLOW_PG_GROUP
|
||||
BKI_END
|
||||
|
||||
DATA(insert OID = 0 ( mike 799 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( mao 1806 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( hellers 1089 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( joey 5209 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( jolly 5443 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( sunita 6559 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( paxson 3029 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( marc 2435 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( jiangwu 6124 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( aoki 2360 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( avi 31080 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( kristin 1123 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( andrew 5229 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( nobuko 5493 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( hartzell 6676 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( devine 6724 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( boris 6396 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( sklower 354 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( marcel 31113 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( ginger 3692 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( woodruff 31026 t t t t _null_ 2116994400 ));
|
||||
DATA(insert OID = 0 ( searcher 8261 t t t t _null_ 2116994400 ));
|
||||
|
||||
BKI_BEGIN
|
||||
#endif /* ALLOW_PG_GROUP */
|
||||
BKI_END
|
||||
|
||||
#endif /* PG_SHADOW_H */
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: pg_type.h,v 1.33 1998/02/10 16:04:10 momjian Exp $
|
||||
* $Id: pg_type.h,v 1.34 1998/02/25 13:09:27 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* the genbki.sh script reads this file and generates .bki
|
||||
|
@ -212,7 +212,7 @@ DATA(insert OID = 71 ( pg_type PGUID 1 1 t b t \054 1247 0 foo bar foo bar c _
|
|||
DATA(insert OID = 75 ( pg_attribute PGUID 1 1 t b t \054 1249 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 81 ( pg_proc PGUID 1 1 t b t \054 1255 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 83 ( pg_class PGUID 1 1 t b t \054 1259 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 86 ( pg_user PGUID 1 1 t b t \054 1260 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 86 ( pg_shadow PGUID 1 1 t b t \054 1260 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 87 ( pg_group PGUID 1 1 t b t \054 1261 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 88 ( pg_database PGUID 1 1 t b t \054 1262 0 foo bar foo bar c _null_));
|
||||
DATA(insert OID = 90 ( pg_variable PGUID 1 1 t b t \054 1264 0 foo bar foo bar c _null_));
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: acl.h,v 1.15 1998/02/24 03:31:50 scrappy Exp $
|
||||
* $Id: acl.h,v 1.16 1998/02/25 13:09:49 scrappy Exp $
|
||||
*
|
||||
* NOTES
|
||||
* For backward-compatability purposes we have to allow there
|
||||
|
@ -39,7 +39,7 @@ typedef uint32 AclId;
|
|||
typedef uint8 AclIdType;
|
||||
|
||||
#define ACL_IDTYPE_WORLD 0x00
|
||||
#define ACL_IDTYPE_UID 0x01 /* user id - from pg_user */
|
||||
#define ACL_IDTYPE_UID 0x01 /* user id - from pg_shadow */
|
||||
#define ACL_IDTYPE_GID 0x02 /* group id - from pg_group */
|
||||
|
||||
/*
|
||||
|
|
Loading…
Reference in New Issue