git.postgresql.org Git - users/c2main/postgres.git/commit

author	Robert Haas <rhaas@postgresql.org>
	Fri, 29 Mar 2024 12:44:45 +0000 (08:44 -0400)
committer	Robert Haas <rhaas@postgresql.org>
	Fri, 29 Mar 2024 12:45:11 +0000 (08:45 -0400)
commit	d3ae2a24f265a028f4b9e8df79ea7b075c6cf016
tree	821da445f3c814a50ca560105f33be84f2a3435d	tree
parent	0075d78947e3800c5a807f48fd901f16db91101b	commit \| diff

Add allow_alter_system GUC.

This is marked PGC_SIGHUP, so it can only be set in a configuration
file, not anywhere else; and it is also marked GUC_DISALLOW_IN_AUTO_FILE,
so it can't be set using ALTER SYSTEM. When set to false, the
ALTER SYSTEM command is disallowed.

There was considerable concern that this would be misinterpreted as
a security feature, which it is not, because a determined superuser
has various ways of bypassing it. Hence, a lot of work has gone into
wordsmithing the documentation, in the hopes of avoiding any such
confusion.

Jelte Fennemia-Nio and Gabriele Bartolini, with wording suggestions
for the documentation from many others.

Discussion: http://postgr.es/m/CA%2BVUV5rEKt2%2BCdC_KUaPoihMu%2Bi5ChT4WVNTr4CD5-xXZUfuQw%40mail.gmail.com

doc/src/sgml/config.sgml		diff \| blob \| blame \| history
doc/src/sgml/ref/alter_system.sgml		diff \| blob \| blame \| history
src/backend/utils/misc/guc.c		diff \| blob \| blame \| history
src/backend/utils/misc/guc_tables.c		diff \| blob \| blame \| history
src/backend/utils/misc/postgresql.conf.sample		diff \| blob \| blame \| history
src/include/utils/guc.h		diff \| blob \| blame \| history