0

I have a postgres table already has row level security enabled, with policy for role1. I want to create another policy for role2. However, when I run

CREATE POLICY policy_name ON {table} AS PERMISSIVE FOR SELECT TO role2 USING (TRUE);

The CREATE POLICY command wants to add a access exclusive lock to the table. However, role1 has active select statement on table, so the CREATE POLICY have to wait for all select statement to finish.

Why the create policy needs access exclusive block? How to get around the lock to run concurrently?

Improve this question
1
  • Add to question text the policy for role1. Commented Nov 14, 2024 at 17:21

1 Answer 1

Reset to default
0

The ACCESS EXCLUSIVE lock has been there from the original commit on, and there is no trace about the lock level in the mailing list discussion. So we cannot answer why it was written like that.

However, it makes a lot of sense to me. Imagine a bulk update, and the rules for which rows can be updated change in mid-operation...

Really, the problem is in your application. If there is no time when there is not a long-running transaction, that database will give you trouble in many other ways, and you need to take down time for any sort of schema modification.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.