在heroku上访问pg_largeobject
[英]pg_largeobject access on heroku
问题描述
I'm trying to clean up my postgres database on heroku where some large objects have gotten out of control and I want to remove large objects which aren't used anymore. 
我正在尝试清理heroku上的postgres数据库,其中一些大型对象已经失控,我想删除不再使用的大型对象。
On my dev machine, I can do: 在我的开发机器上,我可以这样做:
select distinct loid from pg_largeobject
Where loid Not In (select id from table )
then i run: 然后我跑:
SELECT lo_unlink(loid)
on each of those IDs. 在每个ID上。
But on heroku, i can't run any selects on pg_largeobject , as even 但是在heroku上,我无法在pg_largeobject上运行任何选择,就像偶数一样
select * from pg_largeobject limit 1;
gives me an error: 给我一个错误:
ERROR: permission denied for relation pg_largeobject
Any suggestions how to work around this, or actually even why we don't have read access on pg_largeobject in heroku? 有任何建议如何解决这个问题,或者实际上甚至为什么我们没有对heroku中的pg_largeobject进行读访问?
1 个解决方案
解决方案1
8 已采纳 2013-02-22 16:21:02
Since PostgreSQL 9.0, a non-superuser can't access pg_largeobject . 自PostgreSQL 9.0以来,非超级用户无法访问pg_largeobject 。 This is documented in the release notes: 这在发行说明中有记录:
Add the ability to control large object (BLOB) permissions with GRANT/REVOKE (KaiGai Kohei)
Formerly, any database user could read or modify any large object.
If it works on your development instance, it's either because it's version 8.4 or lower, or because you're logged in as a superuser. 如果它适用于您的开发实例,则可能是因为它是8.4或更低版本,或者因为您以超级用户身份登录。
If you can't log in as a superuser on heroku, I guess you could dump the remote database with pg_dump , then reload it locally, identify the leaked OIDs as a local superuser, put them in a script with the lo_unlink commands, and finally play this script against the heroku instance. 如果您无法以heroku的超级用户身份登录,我猜您可以使用pg_dump转储远程数据库,然后在本地重新加载,将泄漏的OID识别为本地超级用户,使用lo_unlink命令将它们放入脚本中,最后针对heroku实例播放此脚本。
Update: 更新:
Based on how the psql \\dl command queries the database, it appears that pg_catalog.pg_largeobject_metadata can be used to retrieve the OIDs and ownership of all large objects, through this query: 根据psql \\dl命令如何查询数据库,可以通过以下查询看到pg_catalog.pg_largeobject_metadata可用于检索所有大对象的OID和所有权:
SELECT oid as "ID",
pg_catalog.pg_get_userbyid(lomowner) as "Owner",
pg_catalog.obj_description(oid, 'pg_largeobject') as "Description"
FROM pg_catalog.pg_largeobject_metadata ORDER BY oid
So your initial query finding the leaked large objects could be changed for non-superusers with 9.0+ into: 因此,对于9.0+以上的非超级用户,可以将发现泄漏的大对象的初始查询更改为:
select oid from pg_largeobject_metadata
Where oid Not In (select id from table )
and if necessary, a condition on lomowner could be added to filter on the large objects owned by a specific user. 如果需要,可以添加lomowner的条件来过滤特定用户拥有的大对象。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.