Introduce pg_signal_autovacuum_worker.

Since commit 3a9b18b309, roles with privileges of pg_signal_backend cannot signal autovacuum workers. Many users treated the ability to signal autovacuum workers as a feature instead of a bug, so we are reintroducing it via a new predefined role. Having privileges of this new role, named pg_signal_autovacuum_worker, only permits signaling autovacuum workers. It does not permit signaling other types of superuser backends. Bumps catversion. Author: Kirill Reshke Reviewed-by: Anthony Leung, Michael Paquier, Andrey Borodin Discussion: https://postgr.es/m/CALdSSPhC4GGmbnugHfB9G0%3DfAxjCSug_-rmL9oUh0LTxsyBfsg%40mail.gmail.com
2025-07-30 11:03:19 +03:00 · 2024-07-09 13:03:40 -05:00
parent 629520be5f
commit ccd38024bc
5 changed files with 56 additions and 10 deletions
--- a/doc/src/sgml/func.sgml
+++ b/doc/src/sgml/func.sgml
@ -28163,6 +28163,10 @@ acl      | {postgres=arwdDxtm/postgres,foo=r/postgres}
        calling role is a member of the role whose backend is being canceled or
        the calling role has privileges of <literal>pg_signal_backend</literal>,
        however only superusers can cancel superuser backends.
+        As an exception, roles with privileges of
+        <literal>pg_signal_autovacuum_worker</literal> are permitted to
+        cancel autovacuum worker processes, which are otherwise considered
+        superuser backends.
       </para></entry>
      </row>

@ -28237,6 +28241,10 @@ acl      | {postgres=arwdDxtm/postgres,foo=r/postgres}
        is a member of the role whose backend is being terminated or the
        calling role has privileges of <literal>pg_signal_backend</literal>,
        however only superusers can terminate superuser backends.
+        As an exception, roles with privileges of
+        <literal>pg_signal_autovacuum_worker</literal> are permitted to
+        terminate autovacuum worker processes, which are otherwise considered
+        superuser backends.
       </para>
       <para>
        If <parameter>timeout</parameter> is not specified or zero, this
--- a/doc/src/sgml/user-manag.sgml
+++ b/doc/src/sgml/user-manag.sgml
@ -661,6 +661,11 @@ DROP ROLE doomed_role;
       <entry>pg_signal_backend</entry>
       <entry>Signal another backend to cancel a query or terminate its session.</entry>
      </row>
+      <row>
+       <entry>pg_signal_autovacuum_worker</entry>
+       <entry>Signal an autovacuum worker to cancel the current table's vacuum
+       or terminate its session.</entry>
+      </row>
      <row>
       <entry>pg_read_server_files</entry>
       <entry>Allow reading files from any location the database can access on the server with COPY and