继续分析:
setup_privileges();
展开:
这是设置权限。
其cmd是:"/home/pgsql/project/bin/postgres" --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1 >/dev/null
其命令是:UPDATE pg_class SET relacl = E'{"=r/\"$POSTGRES_SUPERUSERNAME\""}' WHERE relkind IN ('r', 'v', 'S') AND relacl IS NULL;
/* * Set up privileges * * We mark most system catalogs as world-readable. We don't currently have * to touch functions, languages, or databases, because their default * permissions are OK. * * Some objects may require different permissions by default, so we * make sure we don't overwrite privilege sets that have already been * set (NOT NULL). */ static void setup_privileges(void) { PG_CMD_DECL; char **line; char **priv_lines; static char *privileges_setup[] = { "UPDATE pg_class " " SET relacl = E'{"=r/\\"$POSTGRES_SUPERUSERNAME\\""}' " " WHERE relkind IN ('r', 'v', 'S') AND relacl IS NULL; ", "GRANT USAGE ON SCHEMA pg_catalog TO PUBLIC; ", "GRANT CREATE, USAGE ON SCHEMA public TO PUBLIC; ", "REVOKE ALL ON pg_largeobject FROM PUBLIC; ", NULL }; fputs(_("setting privileges on built-in objects ... "), stdout); fflush(stdout); snprintf(cmd, sizeof(cmd), ""%s" %s template1 >%s", backend_exec, backend_options, DEVNULL); PG_CMD_OPEN; priv_lines = replace_token(privileges_setup, "$POSTGRES_SUPERUSERNAME", username); for (line = priv_lines; *line != NULL; line++) PG_CMD_PUTS(*line); PG_CMD_CLOSE; check_ok(); }