1
0
mirror of https://github.com/postgres/postgres.git synced 2025-08-18 12:22:09 +03:00
Commit Graph

12120 Commits

Author SHA1 Message Date
Tom Lane
4716c9e70e Doc: clarify explanation of pg_dump usage.
This section confusingly used both "infile" and "outfile" to refer
to the same file, i.e. the textual output of pg_dump.  Use "dumpfile"
for both cases, per suggestion from Jonathan Katz.

Discussion: https://postgr.es/m/152311295239.31235.6487236091906987117@wrigleys.postgresql.org
2018-04-08 16:35:43 -04:00
Bruce Momjian
ec45e60362 doc: remove mention of the DMOZ catalog in ltree docs
Discussion: https://postgr.es/m/CAF4Au4xYem_W3KOuxcKct7=G4j8Z3uO9j3DUKTFJqUsfp_9pQg@mail.gmail.com

Author: Oleg Bartunov

Backpatch-through: 9.3
2018-04-05 15:55:41 -04:00
Bruce Momjian
9305257baf docs: update ltree URL for the DMOZ catalog
Reported-by: bbrincat@gmail.com

Discussion: https://postgr.es/m/152283596377.1441.11672249301622760943@wrigleys.postgresql.org

Author: Oleg Bartunov

Backpatch-through: 9.3
2018-04-04 15:06:21 -04:00
Bruce Momjian
b71741b425 doc: document "IS NOT DOCUMENT"
Reported-by: scott.ure@caseware.com

Discussion: https://postgr.es/m/152056505045.4963.16783351661813640274@wrigleys.postgresql.org

Author: Euler Taveira

Backpatch-through: 9.3
2018-04-02 16:41:46 -04:00
Bruce Momjian
839e26e31b docs: add parameter with brackets around varbit()
Reported-by: scott.ure@caseware.com

Discussion: https://postgr.es/m/152074343671.1853.18284519607571497106@wrigleys.postgresql.org

Author: Euler Taveira

Backpatch-through: 9.3
2018-03-30 13:34:12 -04:00
Tom Lane
428d2465c2 Doc: add example of type resolution in nested UNIONs.
Section 10.5 didn't say explicitly that multiple UNIONs are resolved
pairwise.  Since the resolution algorithm is described as taking any
number of inputs, readers might well think that a query like
"select x union select y union select z" would be resolved by
considering x, y, and z in one resolution step.  But that's not what
happens (and I think that behavior is per SQL spec).  Add an example
clarifying this point.

Per bug #15129 from Philippe Beaudoin.

Discussion: https://postgr.es/m/152196085023.32649.9916472370480121694@wrigleys.postgresql.org
2018-03-25 16:15:16 -04:00
Tom Lane
8f991f41bf Doc: remove extra comma in syntax summary for array_fill().
Noted by Scott Ure.  Back-patch to all supported branches.

Discussion: https://postgr.es/m/152199346794.4544.1888397173908716912@wrigleys.postgresql.org
2018-03-25 12:38:45 -04:00
Noah Misch
60c623678f Don't qualify type pg_catalog.text in extend-extensions-example.
Extension scripts begin execution with pg_catalog at the front of the
search path, so type names reliably refer to pg_catalog.  Remove these
superfluous qualifications.  Earlier <programlisting> of this <sect1>
already omitted them.  Back-patch to 9.3 (all supported versions).
2018-03-23 20:31:06 -07:00
Tatsuo Ishii
9312fcf03b Fix typo.
Patch by me.
2018-03-21 23:12:18 +09:00
Tom Lane
b1e48cc9c7 Doc: note that statement-level view triggers require an INSTEAD OF trigger.
If a view lacks an INSTEAD OF trigger, DML on it can only work by rewriting
the command into a command on the underlying base table(s).  Then we will
fire triggers attached to those table(s), not those for the view.  This
seems appropriate from a consistency standpoint, but nowhere was the
behavior explicitly documented, so let's do that.

There was some discussion of throwing an error or warning if a statement
trigger is created on a view without creating a row INSTEAD OF trigger.
But a simple implementation of that would result in dump/restore ordering
hazards.  Given that it's been like this all along, and we hadn't heard
a complaint till now, a documentation improvement seems sufficient.

Per bug #15106 from Pu Qun.  Back-patch to all supported branches.

Discussion: https://postgr.es/m/152083391168.1215.16892140713507052796@wrigleys.postgresql.org
2018-03-18 15:10:28 -04:00
Tom Lane
21c90dfcf8 Doc: explicitly point out that enum values can't be dropped.
This was not stated in so many words anywhere.  Document it to make
clear that it's a design limitation and not just an oversight or
documentation omission.

Discussion: https://postgr.es/m/152089733343.1222.6927268289645380498@wrigleys.postgresql.org
2018-03-16 13:44:34 -04:00
Tom Lane
f46bc90dbc Stamp 9.4.17. 2018-02-26 17:17:45 -05:00
Tom Lane
dfebb71692 Last-minute updates for release notes.
Security: CVE-2018-1058
2018-02-26 12:14:05 -05:00
Noah Misch
f28955e382 Document security implications of search_path and the public schema.
The ability to create like-named objects in different schemas opens up
the potential for users to change the behavior of other users' queries,
maliciously or accidentally.  When you connect to a PostgreSQL server,
you should remove from your search_path any schema for which a user
other than yourself or superusers holds the CREATE privilege.  If you do
not, other users holding CREATE privilege can redefine the behavior of
your commands, causing them to perform arbitrary SQL statements under
your identity.  "SET search_path = ..." and "SELECT
pg_catalog.set_config(...)" are not vulnerable to such hijacking, so one
can use either as the first command of a session.  As special
exceptions, the following client applications behave as documented
regardless of search_path settings and schema privileges: clusterdb
createdb createlang createuser dropdb droplang dropuser ecpg (not
programs it generates) initdb oid2name pg_archivecleanup pg_basebackup
pg_config pg_controldata pg_ctl pg_dump pg_dumpall pg_isready
pg_receivewal pg_recvlogical pg_resetwal pg_restore pg_rewind pg_standby
pg_test_fsync pg_test_timing pg_upgrade pg_waldump reindexdb vacuumdb
vacuumlo.  Not included are core client programs that run user-specified
SQL commands, namely psql and pgbench.  PostgreSQL encourages non-core
client applications to do likewise.

Document this in the context of libpq connections, psql connections,
dblink connections, ECPG connections, extension packaging, and schema
usage patterns.  The principal defense for applications is "SELECT
pg_catalog.set_config('search_path', '', false)", and the principal
defense for databases is "REVOKE CREATE ON SCHEMA public FROM PUBLIC".
Either one is sufficient to prevent attack.  After a REVOKE, consider
auditing the public schema for objects named like pg_catalog objects.

Authors of SECURITY DEFINER functions use some of the same defenses, and
the CREATE FUNCTION reference page already covered them thoroughly.
This is a good opportunity to audit SECURITY DEFINER functions for
robust security practice.

Back-patch to 9.3 (all supported versions).

Reviewed by Michael Paquier and Jonathan S. Katz.  Reported by Arseniy
Sharoglazov.

Security: CVE-2018-1058
2018-02-26 07:39:48 -08:00
Tom Lane
548e849557 Release notes for 10.3, 9.6.8, 9.5.12, 9.4.17, 9.3.22. 2018-02-25 14:52:51 -05:00
Noah Misch
da27155c6b Synchronize doc/ copies of src/test/examples/.
This is mostly cosmetic, but it might fix build failures, on some
platform, when copying from the documentation.

Back-patch to 9.3 (all supported versions).
2018-02-23 11:24:08 -08:00
Tom Lane
1bb87c0fae Doc: fix minor bug in CREATE TABLE example.
One example in create_table.sgml claimed to be showing table constraint
syntax, but it was really column constraint syntax due to the omission
of a comma.  This is both wrong and confusing, so fix it in all
supported branches.

Per report from neil@postgrescompare.com.

Discussion: https://postgr.es/m/151871659877.1393.2431103178451978795@wrigleys.postgresql.org
2018-02-15 13:57:14 -05:00
Magnus Hagander
581189327a Change default git repo URL to https
Since we now support the server side handler for git over https (so
we're no longer using the "dumb protocol"), make https the primary
choice for cloning the repository, and the git protocol the secondary
choice.

In passing, also change the links to git-scm.com from http to https.

Reviewed by Stefan Kaltenbrunner and David G.  Johnston
2018-02-07 11:05:13 +01:00
Tom Lane
b7e1ca7d8e Stamp 9.4.16. 2018-02-05 16:07:03 -05:00
Tom Lane
9a12ac37be Last-minute updates for release notes.
Security: CVE-2018-1052, CVE-2018-1053
2018-02-05 14:44:08 -05:00
Tom Lane
f20a9972c7 Release notes for 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21. 2018-02-04 15:13:45 -05:00
Bruce Momjian
27a5eaa71b doc: in contrib-spi, mention and link to the meaning of SPI
Also remove outdated comment about SPI subtransactions.

Reported-by: gregory@arenius.com

Discussion: https://postgr.es/m/151726276676.1240.10501743959198501067@wrigleys.postgresql.org

Backpatch-through: 9.3
2018-01-31 16:54:33 -05:00
Robert Haas
7c348e16c2 pgcrypto's encrypt() supports AES-128, AES-192, and AES-256
Previously, only 128 was mentioned, but the others are also supported.

Thomas Munro, reviewed by Michael Paquier and extended a bit by me.

Discussion: http://postgr.es/m/CAEepm=1XbBHXYJKofGjnM2Qfz-ZBVqhGU4AqvtgR+Hegy4fdKg@mail.gmail.com
2018-01-31 16:33:39 -05:00
Peter Eisentraut
b37422de89 psql documentation fixes
Update the documentation for \pset to mention
columns|linestyle.

Author: Дилян Палаузов <dpa-postgres@aegee.org>
2018-01-29 14:18:11 -05:00
Bruce Momjian
a0950b1b96 doc: simplify intermediate certificate mention in libpq docs
Backpatch-through: 9.3
2018-01-23 10:18:21 -05:00
Bruce Momjian
f840557181 doc: update intermediate certificate instructions
Document how to properly create root and intermediate certificates using
v3_ca extensions and where to place intermediate certificates so they
are properly transferred to the remote side with the leaf certificate to
link to the remote root certificate.  This corrects docs that used to
say that intermediate certificates must be stored with the root
certificate.

Also add instructions on how to create root, intermediate, and leaf
certificates.

Discussion: https://postgr.es/m/20180116002238.GC12724@momjian.us

Reviewed-by: Michael Paquier

Backpatch-through: 9.3
2018-01-20 21:47:02 -05:00
Tom Lane
493cdc8ee5 Fix sample INSTR() functions in the plpgsql documentation.
These functions are stated to be Oracle-compatible, but they weren't.
Yugo Nagata noticed that while our code returns zero for a zero or
negative fourth parameter (occur_index), Oracle throws an error.
Further testing by me showed that there was also a discrepancy in the
interpretation of a negative third parameter (beg_index): Oracle thinks
that a negative beg_index indicates the last place where the target
substring can *begin*, whereas our code thinks it is the last place
where the target can *end*.

Adjust the sample code to behave like Oracle in both these respects.
Also change it to be a CDATA[] section, simplifying copying-and-pasting
out of the documentation source file.  And fix minor problems in the
introductory comment, which wasn't very complete or accurate.

Back-patch to all supported branches.  Although this patch only touches
documentation, we should probably call it out as a bug fix in the next
minor release notes, since users who have adopted the functions will
likely want to update their versions.

Yugo Nagata and Tom Lane

Discussion: https://postgr.es/m/20171229191705.c0b43a8c.nagata@sraoss.co.jp
2018-01-10 17:13:29 -05:00
Bruce Momjian
aa7d71be4b Update copyright for 2018
Backpatch-through: certain files through 9.3
2018-01-02 23:30:12 -05:00
Peter Eisentraut
02f66d8656 doc: Fix figures in example description
oversight in 244c8b466a

Reported-by: Blaz Merela <blaz@merela.org>
2017-12-18 16:03:00 -05:00
Peter Eisentraut
5f82b3f7c6 doc: Add advice about systemd RemoveIPC
Reviewed-by: Magnus Hagander <magnus@hagander.net>
2017-12-08 10:55:23 -05:00
Robert Haas
294136d422 Provide for forward compatibility with future minor protocol versions.
Previously, any attempt to request a 3.x protocol version other than
3.0 would lead to a hard connection failure, which made the minor
protocol version really no different from the major protocol version
and precluded gentle protocol version breaks.  Instead, when the
client requests a 3.x protocol version where x is greater than 0, send
the new NegotiateProtocolVersion message to convey that we support
only 3.0.  This makes it possible to introduce new minor protocol
versions without requiring a connection retry when the server is
older.

In addition, if the startup packet includes name/value pairs where
the name starts with "_pq_.", assume that those are protocol options,
not GUCs.  Include those we don't support (i.e. all of them, at
present) in the NegotiateProtocolVersion message so that the client
knows they were not understood.  This makes it possible for the
client to request previously-unsupported features without bumping
the protocol version at all; the client can tell from the server's
response whether the option was understood.

It will take some time before servers that support these new
facilities become common in the wild; to speed things up and make
things easier for a future 3.1 protocol version, back-patch to all
supported releases.

Robert Haas and Badrul Chowdhury

Discussion: http://postgr.es/m/BN6PR21MB0772FFA0CBD298B76017744CD1730@BN6PR21MB0772.namprd21.prod.outlook.com
Discussion: http://postgr.es/m/30788.1498672033@sss.pgh.pa.us
2017-11-21 14:38:29 -05:00
Peter Eisentraut
18d431bda2 Add -wnet to SP invocations
This causes a warning when accidentally backpatching an XML-style
empty-element tag like <xref linkend="abc"/>.
2017-11-10 08:32:35 -05:00
Tom Lane
de7dabfd35 Stamp 9.4.15. 2017-11-06 17:13:17 -05:00
Tom Lane
e7bae63e02 Last-minute updates for release notes.
Security: CVE-2017-12172, CVE-2017-15098, CVE-2017-15099
2017-11-06 12:02:30 -05:00
Tom Lane
168b41b65b Release notes for 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, 9.2.24.
In the v10 branch, also back-patch the effects of 1ff01b390 and c29c57890
on these files, to reduce future maintenance issues.  (I'd do it further
back, except that the 9.X branches differ anyway due to xlog-to-wal
link tag renaming.)
2017-11-05 13:47:57 -05:00
Tom Lane
f570ec5181 Doc: update URL for check_postgres.
Reported by Dan Vianello.

Discussion: https://postgr.es/m/e6e12f18f70e46848c058084d42fb651@KSTLMEXGP001.CORP.CHARTERCOM.com
2017-11-01 22:07:14 -04:00
Tom Lane
55429227ce Doc: mention that you can't PREPARE TRANSACTION after NOTIFY.
The NOTIFY page said this already, but the PREPARE TRANSACTION page
missed it.

Discussion: https://postgr.es/m/20171024010602.1488.80066@wrigleys.postgresql.org
2017-10-27 10:46:06 -04:00
Tom Lane
264b00fca7 Doc: fix missing explanation of default object privileges.
The GRANT reference page, which lists the default privileges for new
objects, failed to mention that USAGE is granted by default for data
types and domains.  As a lesser sin, it also did not specify anything
about the initial privileges for sequences, FDWs, foreign servers,
or large objects.  Fix that, and add a comment to acldefault() in the
probably vain hope of getting people to maintain this list in future.

Noted by Laurenz Albe, though I editorialized on the wording a bit.
Back-patch to all supported branches, since they all have this behavior.

Discussion: https://postgr.es/m/1507620895.4152.1.camel@cybertec.at
2017-10-11 16:56:54 -04:00
Noah Misch
c8178929c5 Don't recommend "DROP SCHEMA information_schema CASCADE".
It drops objects outside information_schema that depend on objects
inside information_schema.  For example, it will drop a user-defined
view if the view query refers to information_schema.

Discussion: https://postgr.es/m/20170831025345.GE3963697@rfd.leadboat.com
2017-09-26 22:39:47 -07:00
Peter Eisentraut
b187702f8a doc: Fix typos and other minor issues
Author: Alexander Lakhin <exclusion@gmail.com>
2017-09-01 23:19:30 -04:00
Tom Lane
2338ad2637 Doc: document libpq's restriction to INT_MAX rows in a PGresult.
As long as PQntuples, PQgetvalue, etc, use "int" for row numbers, we're
pretty much stuck with this limitation.  The documentation formerly stated
that the result of PQntuples "might overflow on 32-bit operating systems",
which is just nonsense: that's not where the overflow would happen, and
if you did reach an overflow it would not be on a 32-bit machine, because
you'd have OOM'd long since.

Discussion: https://postgr.es/m/CA+FnnTxyLWyjY1goewmJNxC==HQCCF4fKkoCTa9qR36oRAHDPw@mail.gmail.com
2017-08-29 15:38:34 -04:00
Tom Lane
e19e12be48 Improve docs about numeric formatting patterns (to_char/to_number).
The explanation about "0" versus "9" format characters was confusing
and arguably wrong; the discussion of sign handling wasn't very good
either.  Notably, while it's accurate to say that "FM" strips leading
zeroes in date/time values, what it really does with numeric values
is to strip *trailing* zeroes, and then only if you wrote "9" rather
than "0".  Per gripes from Erwin Brandstetter.

Discussion: https://postgr.es/m/CAGHENJ7jgRbTn6nf48xNZ=FHgL2WQ4X8mYsUAU57f-vq8PubEw@mail.gmail.com
Discussion: https://postgr.es/m/CAGHENJ45ymd=GOCu1vwV9u7GmCR80_5tW0fP9C_gJKbruGMHvQ@mail.gmail.com
2017-08-29 09:34:21 -04:00
Tom Lane
ca3f8299ef Stamp 9.4.14. 2017-08-28 17:26:11 -04:00
Tom Lane
d25183c4e3 Doc: adjust release-note credit for parallel pg_restore fix.
Discussion: https://postgr.es/m/CAFcNs+pJ6_Ud-zg3vY_Y0mzfESdM34Humt8avKrAKq_H+v18Cg@mail.gmail.com
2017-08-28 11:40:48 -04:00
Tom Lane
f30fc7aa9a Release notes for 9.6.5, 9.5.9, 9.4.14, 9.3.19, 9.2.23. 2017-08-27 17:35:04 -04:00
Tom Lane
6d81d0a215 Stamp 9.4.13. 2017-08-07 17:15:44 -04:00
Tom Lane
5bb8162e45 Last-minute updates for release notes.
Security: CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
2017-08-07 11:46:20 -04:00
Noah Misch
b6e39ca92e Again match pg_user_mappings to information_schema.user_mapping_options.
Commit 3eefc51053 claimed to make
pg_user_mappings enforce the qualifications user_mapping_options had
been enforcing, but its removal of a longstanding restriction left them
distinct when the current user is the subject of a mapping yet has no
server privileges.  user_mapping_options emits no rows for such a
mapping, but pg_user_mappings includes full umoptions.  Change
pg_user_mappings to show null for umoptions.  Back-patch to 9.2, like
the above commit.

Reviewed by Tom Lane.  Reported by Jeff Janes.

Security: CVE-2017-7547
2017-08-07 07:09:31 -07:00
Tom Lane
dec6e4746d Release notes for 9.6.4, 9.5.8, 9.4.13, 9.3.18, 9.2.22. 2017-08-06 17:57:07 -04:00
Peter Eisentraut
e0446d06e9 Add missing ALTER USER variants
ALTER USER ... SET did not support all the syntax variants of ALTER ROLE
...  SET.

Reported-by: Pavel Golub <pavel@microolap.com>
2017-08-03 21:08:39 -04:00