Il 12/12/2018 16:01, Tom Lane ha scritto:
Moreno Andreo <moreno.andreo@xxxxxxxxxx> writes:
I'm trying to pg_upgrade a cluster from 9.1 to 10 (Windows 10, but I
don't think it matters).
At a certain point an error is thrown while parsing a trigger:
could not execute query: ERROR: role "1067431" does not exist
command was: REVOKE ALL ON FUNCTION "x"() FROM PUBLIC;
GRANT ALL ON FUNCTION "public"."x"() TO "1067431" WITH GRANT OPTION;
Hm. We've seen similar bugs before; the mechanism is that at some
point the function owner granted privileges to somebody else, and
at some later point the somebody-else role got dropped, but the
privilege grant stayed behind because the system had lost, or never
made, the pg_shdepend entry indicating that this function had an ACL
entry mentioning that role. The extra ACL entry is harmless, until
you wonder why pg_dump is printing a nonsensical command due to it.
That's the case. The customer never complained about any problem but
today, while upgrading his cluster, we bumped into it.
We fixed a couple of bugs of that ilk just last month [1], but they were
for cases involving types and schemas, not functions. The last case
involving function privileges that I see in a quick trawl of the commit
log predates 9.0 release [2]. I wonder how old this cluster is ...
The cluster is version 9.1.6, IIRC
How to REVOKE that non-existing user so pg_upgrade can proceed?
The safest way to clean it up manually would be to set the pg_proc.proacl
field for that function to NULL. If there are other grants about the
function, you could try removing the bad entry, but it would likely be
safer to just re-grant after the upgrade.
Is it not the case to edit proacl column to just remove the unwanted
role? Is it faster and safer to null the column and just reGRANT?
Thanks
Moreno.-