PostgreSQL的 initdb 源代码分析之二十

继续分析：

    setup_privileges();

展开：

这是设置权限。

其cmd是："/home/pgsql/project/bin/postgres" --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1 >/dev/null

其命令是：UPDATE pg_class SET relacl = E'{"=r/\\"$POSTGRES_SUPERUSERNAME\\""}' WHERE relkind IN ('r', 'v', 'S') AND relacl IS NULL;

/*
 * Set up privileges
 *
 * We mark most system catalogs as world-readable.    We don't currently have
 * to touch functions, languages, or databases, because their default
 * permissions are OK.
 *
 * Some objects may require different permissions by default, so we
 * make sure we don't overwrite privilege sets that have already been
 * set (NOT NULL).
 */
static void
setup_privileges(void)
{
    PG_CMD_DECL;
    char      **line;
    char      **priv_lines;
    static char *privileges_setup[] = {
        "UPDATE pg_class "
        "  SET relacl = E'{\"=r/\\\\\"$POSTGRES_SUPERUSERNAME\\\\\"\"}' "
        "  WHERE relkind IN ('r', 'v', 'S') AND relacl IS NULL;\n",
        "GRANT USAGE ON SCHEMA pg_catalog TO PUBLIC;\n",
        "GRANT CREATE, USAGE ON SCHEMA public TO PUBLIC;\n",
        "REVOKE ALL ON pg_largeobject FROM PUBLIC;\n",
        NULL
    };

    fputs(_("setting privileges on built-in objects ... "), stdout);
    fflush(stdout);

    snprintf(cmd, sizeof(cmd),
             "\"%s\" %s template1 >%s",
             backend_exec, backend_options,
             DEVNULL);
    PG_CMD_OPEN;

    priv_lines = replace_token(privileges_setup,
                               "$POSTGRES_SUPERUSERNAME", username);
    for (line = priv_lines; *line != NULL; line++)
        PG_CMD_PUTS(*line);

    PG_CMD_CLOSE;

    check_ok();
}

posted @ 2013-07-09 09:58 健哥的数据花园阅读(442) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

健哥的数据花园

PostgreSQL的 initdb 源代码分析之二十

公告