Postgres - 更新 pg_catalog.pg_cast 的权限被拒绝

Question

Postgres - 更新 pg_catalog.pg_cast 的权限被拒绝

Pet*_*vic 1 postgresql permissions sql-grant

我想pg_catalog.pg_cast从受限用户（在 Postgres 9.3 上）进行更新。

但是运行我需要的查询：

 update pg_cast set castcontext = 'i' where oid in ( select c.oid from pg_cast c inner join pg_type src on src.oid = c.castsource inner join pg_type tgt on tgt.oid = c.casttarget where src.typname like 'int%' and tgt.typname like 'bool%');

Run Code Online (Sandbox Code Playgroud)

最终出现错误：

    ERROR:  permission denied for relation pg_cast

Run Code Online (Sandbox Code Playgroud)

但是权限似乎设置正确。请参阅我从创建数据库和用户到查询为止所做的步骤：

psql -c "create database test1 WITH ENCODING 'UTF8' LC_COLLATE='en_GB.UTF8' LC_CTYPE='en_GB.UTF8' TEMPLATE=template0;" -U postgres
psql -U postgres test1;
test1=# CREATE USER test1 PASSWORD 'test1';
test1=# GRANT ALL ON SCHEMA public TO test1;
test1=# GRANT ALL ON ALL TABLES IN SCHEMA public TO test1;
test1=# GRANT SELECT ON TABLE pg_catalog.pg_cast TO test1; 
test1=# GRANT SELECT ON TABLE pg_catalog.pg_type TO test1; 
test1=# GRANT UPDATE ON TABLE pg_catalog.pg_cast TO test1; 
test1=# \q

sudo service postgresql-9.3 restart

PGPASSWORD=test1;psql -U test1 test1

test1=> \z pg_catalog.pg_cast
                  Access privileges
   Schema   |  Name   | Type  | Access privileges | Column access privileges 
------------+---------+-------+-------------------+--------------------------
 pg_catalog | pg_cast | table | =r/postgres      +| 
        |         |       | test1=rw/postgres | 
(1 row)

test1=> \z pg_catalog.pg_type
                  Access privileges
   Schema   |  Name   | Type  | Access privileges | Column access privileges 
------------+---------+-------+-------------------+--------------------------
 pg_catalog | pg_type | table | =r/postgres      +| 
        |         |       | test1=r/postgres  | 
(1 row)

test1=> SELECT grantee, privilege_type FROM information_schema.role_table_grants WHERE table_name='pg_cast';
 grantee | privilege_type 
---------+----------------
 test1   | SELECT
 test1   | UPDATE
(2 rows)

test1=> update pg_cast set castcontext = 'i' where oid in ( select c.oid from pg_cast c inner join pg_type src on src.oid = c.castsource inner join pg_type tgt on tgt.oid = c.casttarget where src.typname like 'int%' and tgt.typname like 'bool%');
ERROR:  permission denied for relation pg_cast

Run Code Online (Sandbox Code Playgroud)

我还应该做什么来启用用户的查询执行test1？谢谢。

Answer 1

man*_*iek 5

您确实不应该直接更新系统目录。“权限被拒绝”错误是 Postgres 试图保护你免于搬起石头砸自己的脚。

如果你真的想要这样（如果你破坏了某些东西，你就可以保留两部分......）从这里开始： https: //serverfault.com/questions/300123/how-to-edit-system-catalogs-in-postgresql -8-1

归档时间：	12 年，2 月前
查看次数：	8920 次
最近记录：	7 年，7 月前