"node check": check role membership when trying to read pg_settings

From PostgreSQL 10, a member of the default roles "pg_monitor" and/or "pg_read_all_settings" can read pg_settings without requiring superuser privileges. Previously, a hint was being emitted about making the repmgr user a member of one of those groups, but no check for membership was being made, meaning the check could only be run by a superuser.
2026-03-27 00:46:29 +00:00 · 2019-08-07 14:23:50 +09:00
parent 10870503d1
commit 38b373e6df
4 changed files with 53 additions and 6 deletions
--- a/dbutils.c
+++ b/dbutils.c
@@ -336,12 +336,10 @@ establish_db_connection_by_params(t_conninfo_param_list *param_list,
 bool
 is_superuser_connection(PGconn *conn, t_connection_user *userinfo)
 {
-	char	   *current_user = NULL;
-	const char *superuser_status = NULL;
 	bool		is_superuser = false;
+	const char *current_user = PQuser(conn);
+	const char *superuser_status = PQparameterStatus(conn, "is_superuser");

-	current_user = PQuser(conn);
-	superuser_status = PQparameterStatus(conn, "is_superuser");
 	is_superuser = (strcmp(superuser_status, "on") == 0) ? true : false;

 	if (userinfo != NULL)
@@ -356,6 +354,51 @@ is_superuser_connection(PGconn *conn, t_connection_user *userinfo)
 }


+bool
+connection_has_pg_settings(PGconn *conn)
+{
+	bool		has_pg_settings = false;
+
+	/* superusers can always read pg_settings */
+	if (is_superuser_connection(conn, NULL) == true)
+	{
+		has_pg_settings = true;
+	}
+	/* from PostgreSQL 10, a non-superuser may have been granted access */
+	else if(PQserverVersion(conn) >= 100000)
+	{
+		PQExpBufferData query;
+		PGresult   *res;
+
+		initPQExpBuffer(&query);
+		appendPQExpBufferStr(&query,
+							 "  SELECT CASE "
+							 "           WHEN pg_catalog.pg_has_role(CURRENT_USER, 'pg_monitor','MEMBER') "
+							 "             THEN TRUE "
+							 "           WHEN pg_catalog.pg_has_role(CURRENT_USER, 'pg_read_all_settings','MEMBER') "
+							 "             THEN TRUE "
+							 "           ELSE FALSE "
+							 "         END AS has_pg_settings");
+
+		res = PQexec(conn, query.data);
+
+		if (PQresultStatus(res) != PGRES_TUPLES_OK)
+		{
+			log_db_error(conn, query.data,
+						 _("connection_has_pg_settings(): unable to query user roles"));
+		}
+		else
+		{
+			has_pg_settings = atobool(PQgetvalue(res, 0, 0));
+		}
+		termPQExpBuffer(&query);
+		PQclear(res);
+	}
+
+	return has_pg_settings;
+}
+
+
 void
 close_connection(PGconn **conn)
 {