database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-09-02 04:21:28 +03:00
Code Activity

From: Jan Wieck <jwieck@debis.com>

Browse Source 
seems  that  my last post didn't make it through. That's good
    since  the  diff  itself  didn't  covered  the  renaming   of
    pg_user.h to pg_shadow.h and it's new content.

    Here  it's  again.  The  complete regression test passwd with
    only some  float  diffs.  createuser  and  destroyuser  work.
    pg_shadow cannot be read by ordinary user.
This commit is contained in:
Marc G. Fournier
1998-02-25 13:09:49 +00:00
parent d067f83b27
commit 780068f812
25 changed files with 260 additions and 144 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/backend/commands/copy.c
View File

@@ -6,7 +6,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.42 1998/02/13 19:45:38 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.43 1998/02/25 13:06:08 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@@ -32,7 +32,7 @@
#include <access/genam.h>
#include <catalog/pg_type.h>
#include <catalog/catname.h>
#include <catalog/pg_user.h>
#include <catalog/pg_shadow.h>
#include <commands/copy.h>
#include "commands/trigger.h"
#include <storage/fd.h>

10
src/backend/commands/dbcommands.c
View File

@@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.6 1998/01/31 04:38:19 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.7 1998/02/25 13:06:09 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@@ -25,7 +25,7 @@
#include "utils/elog.h"
#include "catalog/catname.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_user.h"
#include "catalog/pg_shadow.h"
#include "catalog/pg_database.h"
#include "utils/syscache.h"
#include "commands/dbcommands.h"
@@ -211,9 +211,9 @@ check_permissions(char *command,
userName = GetPgUserName();
utup = SearchSysCacheTuple(USENAME, PointerGetDatum(userName),
0, 0, 0);
*userIdP = ((Form_pg_user) GETSTRUCT(utup))->usesysid;
use_super = ((Form_pg_user) GETSTRUCT(utup))->usesuper;
use_createdb = ((Form_pg_user) GETSTRUCT(utup))->usecreatedb;
*userIdP = ((Form_pg_shadow) GETSTRUCT(utup))->usesysid;
use_super = ((Form_pg_shadow) GETSTRUCT(utup))->usesuper;
use_createdb = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb;
/* Check to make sure user has permission to use createdb */
if (!use_createdb)

4
src/backend/commands/define.c
View File

@@ -9,7 +9,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/commands/define.c,v 1.22 1998/02/13 13:23:33 scrappy Exp $
* $Header: /cvsroot/pgsql/src/backend/commands/define.c,v 1.23 1998/02/25 13:06:12 scrappy Exp $
*
* DESCRIPTION
* The "DefineFoo" routines take the parse tree and pick out the
@@ -52,7 +52,7 @@
#include <commands/defrem.h>
#include <optimizer/xfunc.h>
#include <tcop/dest.h>
#include <catalog/pg_user.h>
#include <catalog/pg_shadow.h>
static char *defGetString(DefElem *def);
static int defGetTypeLength(DefElem *def);

2
src/backend/commands/proclang.c
View File

@@ -11,7 +11,7 @@
#include "access/heapam.h"
#include "catalog/catname.h"
#include "catalog/pg_user.h"
#include "catalog/pg_shadow.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_language.h"
#include "utils/syscache.h"

130
src/backend/commands/user.c
View File

@@ -21,7 +21,7 @@
#include <miscadmin.h>
#include <catalog/catname.h>
#include <catalog/pg_database.h>
#include <catalog/pg_user.h>
#include <catalog/pg_shadow.h>
#include <libpq/crypt.h>
#include <access/heapam.h>
#include <access/xact.h>
@@ -38,7 +38,7 @@ static void CheckPgUserAclNotNull(void);
/*---------------------------------------------------------------------
* UpdatePgPwdFile
*
* copy the modified contents of pg_user to a file used by the postmaster
* copy the modified contents of pg_shadow to a file used by the postmaster
* for user authentication. The file is stored as $PGDATA/pg_pwd.
*---------------------------------------------------------------------
*/
@@ -56,11 +56,11 @@ void UpdatePgPwdFile(char* sql) {
tempname = (char*)malloc(strlen(filename) + 12);
sprintf(tempname, "%s.%d", filename, MyProcPid);
/* Copy the contents of pg_user to the pg_pwd ASCII file using a the SEPCHAR
/* Copy the contents of pg_shadow to the pg_pwd ASCII file using a the SEPCHAR
* character as the delimiter between fields. Then rename the file to its
* final name.
*/
sprintf(sql, "copy %s to '%s' using delimiters %s", UserRelationName, tempname, CRYPT_PWD_FILE_SEPCHAR);
sprintf(sql, "copy %s to '%s' using delimiters %s", ShadowRelationName, tempname, CRYPT_PWD_FILE_SEPCHAR);
pg_exec_query(sql, (char**)NULL, (Oid*)NULL, 0);
rename(tempname, filename);
free((void*)tempname);
@@ -76,15 +76,15 @@ void UpdatePgPwdFile(char* sql) {
/*---------------------------------------------------------------------
* DefineUser
*
* Add the user to the pg_user relation, and if specified make sure the
* Add the user to the pg_shadow relation, and if specified make sure the
* user is specified in the desired groups of defined in pg_group.
*---------------------------------------------------------------------
*/
void DefineUser(CreateUserStmt *stmt) {
char* pg_user;
Relation pg_user_rel;
TupleDesc pg_user_dsc;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
HeapTuple tuple;
Datum datum;
@@ -101,34 +101,34 @@ void DefineUser(CreateUserStmt *stmt) {
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/* Make sure the user attempting to create a user can insert into the pg_user
/* Make sure the user attempting to create a user can insert into the pg_shadow
* relation.
*/
pg_user = GetPgUserName();
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) {
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK) {
UserAbortTransactionBlock();
elog(ERROR, "defineUser: user \"%s\" does not have SELECT and INSERT privilege for \"%s\"",
pg_user, UserRelationName);
pg_user, ShadowRelationName);
return;
}
/* Scan the pg_user relation to be certain the user doesn't already exist.
/* Scan the pg_shadow relation to be certain the user doesn't already exist.
*/
pg_user_rel = heap_openr(UserRelationName);
pg_user_dsc = RelationGetTupleDescriptor(pg_user_rel);
/* Secure a write lock on pg_user so we can be sure of what the next usesysid
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/* Secure a write lock on pg_shadow so we can be sure of what the next usesysid
* should be.
*/
RelationSetLockForWrite(pg_user_rel);
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_user_dsc, &n);
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
if (!exists && !strncmp((char*)datum, stmt->user, strlen(stmt->user)))
exists = true;
datum = heap_getattr(tuple, Anum_pg_user_usesysid, pg_user_dsc, &n);
datum = heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_shadow_dsc, &n);
if ((int)datum > max_id)
max_id = (int)datum;
@@ -137,8 +137,8 @@ void DefineUser(CreateUserStmt *stmt) {
heap_endscan(scan);
if (exists) {
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "defineUser: user \"%s\" has already been created", stmt->user);
return;
@@ -146,7 +146,7 @@ void DefineUser(CreateUserStmt *stmt) {
/* Build the insert statment to be executed.
*/
sprintf(sql, "insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper,usecatupd,passwd", UserRelationName);
sprintf(sql, "insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper,usecatupd,passwd", ShadowRelationName);
/* if (stmt->password)
strcat(sql, ",passwd"); -- removed so that insert empty string when no password */
if (stmt->validUntil)
@@ -186,8 +186,8 @@ void DefineUser(CreateUserStmt *stmt) {
/* This goes after the UpdatePgPwdFile to be certain that two backends to not
* attempt to write to the pg_pwd file at the same time.
*/
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
@@ -197,8 +197,8 @@ void DefineUser(CreateUserStmt *stmt) {
extern void AlterUser(AlterUserStmt *stmt) {
char* pg_user;
Relation pg_user_rel;
TupleDesc pg_user_dsc;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
HeapTuple tuple;
Datum datum;
@@ -214,29 +214,29 @@ extern void AlterUser(AlterUserStmt *stmt) {
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/* Make sure the user attempting to create a user can insert into the pg_user
/* Make sure the user attempting to create a user can insert into the pg_shadow
* relation.
*/
pg_user = GetPgUserName();
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
UserAbortTransactionBlock();
elog(ERROR, "alterUser: user \"%s\" does not have SELECT and UPDATE privilege for \"%s\"",
pg_user, UserRelationName);
pg_user, ShadowRelationName);
return;
}
/* Scan the pg_user relation to be certain the user exists.
/* Scan the pg_shadow relation to be certain the user exists.
*/
pg_user_rel = heap_openr(UserRelationName);
pg_user_dsc = RelationGetTupleDescriptor(pg_user_rel);
/* Secure a write lock on pg_user so we can be sure that when the dump of
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/* Secure a write lock on pg_shadow so we can be sure that when the dump of
* the pg_pwd file is done, there is not another backend doing the same.
*/
RelationSetLockForWrite(pg_user_rel);
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_user_dsc, &n);
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
if (!strncmp((char*)datum, stmt->user, strlen(stmt->user))) {
exists = true;
@@ -247,8 +247,8 @@ extern void AlterUser(AlterUserStmt *stmt) {
heap_endscan(scan);
if (!exists) {
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "alterUser: user \"%s\" does not exist", stmt->user);
return;
@@ -256,7 +256,7 @@ extern void AlterUser(AlterUserStmt *stmt) {
/* Create the update statement to modify the user.
*/
sprintf(sql, "update %s set", UserRelationName);
sprintf(sql, "update %s set", ShadowRelationName);
sql_end = sql;
if (stmt->password) {
sql_end += strlen(sql_end);
@@ -296,8 +296,8 @@ extern void AlterUser(AlterUserStmt *stmt) {
UpdatePgPwdFile(sql);
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
@@ -307,7 +307,7 @@ extern void AlterUser(AlterUserStmt *stmt) {
extern void RemoveUser(char* user) {
char* pg_user;
Relation pg_user_rel,
Relation pg_shadow_rel,
pg_rel;
TupleDesc pg_dsc;
HeapScanDesc scan;
@@ -324,33 +324,33 @@ extern void RemoveUser(char* user) {
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/* Make sure the user attempting to create a user can delete from the pg_user
/* Make sure the user attempting to create a user can delete from the pg_shadow
* relation.
*/
pg_user = GetPgUserName();
if (pg_aclcheck(UserRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
if (pg_aclcheck(ShadowRelationName, pg_user, ACL_RD | ACL_WR) != ACLCHECK_OK) {
UserAbortTransactionBlock();
elog(ERROR, "removeUser: user \"%s\" does not have SELECT and DELETE privilege for \"%s\"",
pg_user, UserRelationName);
pg_user, ShadowRelationName);
return;
}
/* Perform a scan of the pg_user relation to find the usesysid of the user to
/* Perform a scan of the pg_shadow relation to find the usesysid of the user to
* be deleted. If it is not found, then return a warning message.
*/
pg_user_rel = heap_openr(UserRelationName);
pg_dsc = RelationGetTupleDescriptor(pg_user_rel);
/* Secure a write lock on pg_user so we can be sure that when the dump of
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/* Secure a write lock on pg_shadow so we can be sure that when the dump of
* the pg_pwd file is done, there is not another backend doing the same.
*/
RelationSetLockForWrite(pg_user_rel);
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_user_rel, false, false, 0, NULL);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer))) {
datum = heap_getattr(tuple, Anum_pg_user_usename, pg_dsc, &n);
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_dsc, &n);
if (!strncmp((char*)datum, user, strlen(user))) {
usesysid = (int)heap_getattr(tuple, Anum_pg_user_usesysid, pg_dsc, &n);
usesysid = (int)heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_dsc, &n);
ReleaseBuffer(buffer);
break;
}
@@ -359,8 +359,8 @@ extern void RemoveUser(char* user) {
heap_endscan(scan);
if (usesysid == -1) {
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "removeUser: user \"%s\" does not exist", user);
return;
@@ -399,8 +399,8 @@ extern void RemoveUser(char* user) {
if (dbase)
free((void*)dbase);
/* Since pg_user is global over all databases, one of two things must be done
* to insure complete consistency. First, pg_user could be made non-global.
/* Since pg_shadow is global over all databases, one of two things must be done
* to insure complete consistency. First, pg_shadow could be made non-global.
* This would elminate the code above for deleting database and would require
* the addition of code to delete tables, views, etc owned by the user.
*
@@ -414,15 +414,15 @@ extern void RemoveUser(char* user) {
*
*/
/* Remove the user from the pg_user table
/* Remove the user from the pg_shadow table
*/
sprintf(sql, "delete from %s where usename = '%s'", UserRelationName, user);
sprintf(sql, "delete from %s where usename = '%s'", ShadowRelationName, user);
pg_exec_query(sql, (char**)NULL, (Oid*)NULL, 0);
UpdatePgPwdFile(sql);
RelationUnsetLockForWrite(pg_user_rel);
heap_close(pg_user_rel);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
@@ -431,25 +431,25 @@ extern void RemoveUser(char* user) {
/*
* CheckPgUserAclNotNull
*
* check to see if there is an ACL on pg_user
* check to see if there is an ACL on pg_shadow
*/
static void CheckPgUserAclNotNull()
{
HeapTuple htp;
htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(UserRelationName),
htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(ShadowRelationName),
0, 0, 0);
if (!HeapTupleIsValid(htp))
{
elog(ERROR, "IsPgUserAclNull: class \"%s\" not found",
UserRelationName);
ShadowRelationName);
}
if (heap_attisnull(htp, Anum_pg_class_relacl))
{
elog(NOTICE, "To use passwords, you have to revoke permissions on pg_user");
elog(NOTICE, "To use passwords, you have to revoke permissions on pg_shadow");
elog(NOTICE, "so normal users can not read the passwords.");
elog(ERROR, "Try 'REVOKE ALL ON pg_user FROM PUBLIC'");
elog(ERROR, "Try 'REVOKE ALL ON pg_shadow FROM PUBLIC'");
}
return;