Make the world somewhat safe for (not from) DELETE FROM pg_shadow;

Assign the fixed user id 1 to the user created by initdb. A stand-alone backend will always set the user id to 1. (Consequently, the name of that user is no longer important.) In stand-alone mode, the user id 1 will have implicit superuser status, to allow repairs even if there are no users defined. Print a warning message when starting in stand-alone mode when no users are defined. Disallow dropping the current user and session user. Granting/revoking superuser status also grants/revokes usecatupd. (Previously, it would never grant it back. This could lead to "deadlocks".) CREATE USER and CREATE GROUP will start allocating user ids at 100 (unless explicitly specified), to prevent accidental creation of a superuser (plus some room for future extensions).
author: Peter Eisentraut 2001-09-08 15:24:00 +0000
committer: Peter Eisentraut 2001-09-08 15:24:00 +0000
commit: c0d4d5473a09cb7f6682a84abaee29e087c5886c (patch)
tree: b61a851605fb862d27c3764bc341de79a565bb6f /src/backend/utils/init
parent: fdbf796f3634ddf837a76f8146656299cd1d260f (diff)
2 files changed, 58 insertions, 5 deletions
diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c
index a57f3d2624a..e6da787bc4e 100644
--- a/src/backend/utils/init/miscinit.c
+++ b/src/backend/utils/init/miscinit.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.76 2001/08/15 07:07:40 ishii Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.77 2001/09/08 15:24:00 petere Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -476,6 +476,20 @@ InitializeSessionUserId(const char *username)
 }
 
 
+void
+InitializeSessionUserIdStandalone(void)
+{
+	/* This function should only be called in a single-user backend. */
+	AssertState(!IsUnderPostmaster);
+
+	/* call only once */
+	AssertState(!OidIsValid(SessionUserId));
+
+	SetSessionUserId(BOOTSTRAP_USESYSID);
+	AuthenticatedUserIsSuperuser = true;
+}
+
+
 /*
  * Change session auth ID while running
  */
diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c
index 51c95fb1415..60338397dbc 100644
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.90 2001/09/07 00:27:29 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.91 2001/09/08 15:24:00 petere Exp $
  *
  *
  *-------------------------------------------------------------------------
@@ -25,6 +25,7 @@
 #include "access/heapam.h"
 #include "catalog/catname.h"
 #include "catalog/pg_database.h"
+#include "catalog/pg_shadow.h"
 #include "commands/trigger.h"
 #include "commands/variable.h"	/* for set_default_client_encoding() */
 #include "mb/pg_wchar.h"
@@ -43,6 +44,7 @@
 static void ReverifyMyDatabase(const char *name);
 static void InitCommunication(void);
 static void ShutdownPostgres(void);
+static bool ThereIsAtLeastOneUser(void);
 
 int			lockingOff = 0;		/* backend -L switch */
 
@@ -329,12 +331,24 @@ InitPostgres(const char *dbname, const char *username)
 		LockDisable(true);
 
 	/*
-	 * Figure out our postgres user id.  If bootstrapping, we can't
-	 * assume that pg_shadow exists yet, so fake it.
+	 * Figure out our postgres user id.  In standalone mode we use a
+	 * fixed id, otherwise we figure it out from the authenticated
+	 * user name.
 	 */
 	if (bootstrap)
-		SetSessionUserId(geteuid());
+		InitializeSessionUserIdStandalone();
+	else if (!IsUnderPostmaster)
+	{
+		InitializeSessionUserIdStandalone();
+		if (!ThereIsAtLeastOneUser())
+		{
+			elog(NOTICE, "There are currently no users defined in this database system.");
+			elog(NOTICE, "You should immediately run 'CREATE USER \"%s\" WITH SYSID %d CREATEUSER;'.",
+				 username, BOOTSTRAP_USESYSID);
+		}
+	}
 	else
+		/* normal multiuser case */
 		InitializeSessionUserId(username);
 
 	/*
@@ -406,3 +420,28 @@ ShutdownPostgres(void)
 	 */
 	smgrDoPendingDeletes(false);/* delete as though aborting xact */
 }
+
+
+
+/*
+ * Returns true if at least one user is defined in this database cluster.
+ */
+static bool
+ThereIsAtLeastOneUser(void)
+{
+	Relation	pg_shadow_rel;
+	TupleDesc	pg_shadow_dsc;
+	HeapScanDesc scan;
+	bool		result;
+
+	pg_shadow_rel = heap_openr(ShadowRelationName, AccessExclusiveLock);
+	pg_shadow_dsc = RelationGetDescr(pg_shadow_rel);
+
+	scan = heap_beginscan(pg_shadow_rel, false, SnapshotNow, 0, 0);
+	result = HeapTupleIsValid(heap_getnext(scan, 0));
+
+	heap_endscan(scan);
+	heap_close(pg_shadow_rel, AccessExclusiveLock);
+
+	return result;
+}
author	Peter Eisentraut	2001-09-08 15:24:00 +0000
committer	Peter Eisentraut	2001-09-08 15:24:00 +0000
commit	c0d4d5473a09cb7f6682a84abaee29e087c5886c (patch)
tree	b61a851605fb862d27c3764bc341de79a565bb6f /src/backend/utils/init
parent	fdbf796f3634ddf837a76f8146656299cd1d260f (diff)