)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":37598,"name":"Ivan Anfimov","display_name":"Ivan Anfimov","email":"lazekteam@gmail.com","username":"anfimovir"},"change_message_id":"779b0ede086e85ec7a2f826bc514d51f3bb5ea2d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":9,"id":"c59b37a0_c50abc70","updated":"2026-02-25 10:27:30.000000000","message":"recheck","commit_id":"13a19c520ba6cc4c0b3b2b3d0ce562d9adc53f43"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"776c056d88542c940b9a34824cd0fc1879caac49","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":11,"id":"edbe053a_e95c703d","updated":"2026-02-26 19:39:02.000000000","message":"Hello, Wu! Can you please add +2 again.\n\nTests were failing because of changes in oslo_context and snet removal from swift client. Hopefully, everything should work now.","commit_id":"0604f0ecc97504062fbf335eccc8c65c6d9b1099"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"602b18b67bbb93650f38e9b8c481f4fca5905410","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":11,"id":"d2abac9d_32eb76f8","updated":"2026-02-28 02:24:57.000000000","message":"recheck","commit_id":"0604f0ecc97504062fbf335eccc8c65c6d9b1099"}],"trove/guestagent/datastore/postgres/manager.py":[{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"7f0ae92de05bd86b3a5122e7543647e172a34131","unresolved":true,"context_lines":[{"line_number":53,"context_line":"        value \u003d self.app.get_config_param(\u0027max_wal_size\u0027)"},{"line_number":54,"context_line":"        if value.isdecimal():"},{"line_number":55,"context_line":"            value \u003d f\"{value}MB\""},{"line_number":56,"context_line":"  
      normalized \u003d str(value).upper().rstrip(\u0027B\u0027)"},{"line_number":57,"context_line":"        return int(guestagent_utils.to_bytes(normalized))"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"    def _check_wal_archive_size(self, archive_path, data_path):"}],"source_content_type":"text/x-python","patch_set":4,"id":"6e5090fc_f54aa98b","line":56,"range":{"start_line":56,"start_character":0,"end_line":56,"end_character":51},"updated":"2026-01-28 06:31:16.000000000","message":"Currently, the value is something like 1GB and it works fine. But I prefer to add replace(\u0027 \u0027, \u0027\u0027) to remove the spaces, just in case there are any potential differences in future versions.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"dbba35e2e9331f70dbf53b961aade3378bffd9d3","unresolved":false,"context_lines":[{"line_number":53,"context_line":"        value \u003d self.app.get_config_param(\u0027max_wal_size\u0027)"},{"line_number":54,"context_line":"        if value.isdecimal():"},{"line_number":55,"context_line":"            value \u003d f\"{value}MB\""},{"line_number":56,"context_line":"        normalized \u003d str(value).upper().rstrip(\u0027B\u0027)"},{"line_number":57,"context_line":"        return int(guestagent_utils.to_bytes(normalized))"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"    def _check_wal_archive_size(self, archive_path, data_path):"}],"source_content_type":"text/x-python","patch_set":4,"id":"d2fba951_f149f99e","line":56,"range":{"start_line":56,"start_character":0,"end_line":56,"end_character":51},"in_reply_to":"6e5090fc_f54aa98b","updated":"2026-01-28 08:41:21.000000000","message":"Yes, you\u0027re right, that may take place in the 
future.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"7f0ae92de05bd86b3a5122e7543647e172a34131","unresolved":true,"context_lines":[{"line_number":63,"context_line":"        max_wal_size * WAL_SAFETY_FACTOR"},{"line_number":64,"context_line":"        \"\"\""},{"line_number":65,"context_line":"        archive_size \u003d operating_system.get_dir_size(archive_path)"},{"line_number":66,"context_line":"        max_wal_size \u003d self._get_max_wal_size_bytes()"},{"line_number":67,"context_line":""},{"line_number":68,"context_line":"        if archive_size \u003e max_wal_size * WAL_SAFETY_FACTOR:"},{"line_number":69,"context_line":"            LOG.info("}],"source_content_type":"text/x-python","patch_set":4,"id":"b86e2c0e_ca5d4802","line":66,"range":{"start_line":66,"start_character":0,"end_line":66,"end_character":53},"updated":"2026-01-28 06:31:16.000000000","message":"This works well for large disks now, but not for small ones. In my test environment, the disk is only 1GB — if this patch is adopted, the cleanup action will never be triggered before the disk is exhausted. So I think we should also take disk usage into consideration. 
Here\u0027s an example of the code:\n\n```\narchive_size \u003e max_wal_size * WAL_SAFETY_FACTOR or archive_size \u003e (data_volume_size / 2)\n```","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"dbba35e2e9331f70dbf53b961aade3378bffd9d3","unresolved":false,"context_lines":[{"line_number":63,"context_line":"        max_wal_size * WAL_SAFETY_FACTOR"},{"line_number":64,"context_line":"        \"\"\""},{"line_number":65,"context_line":"        archive_size \u003d operating_system.get_dir_size(archive_path)"},{"line_number":66,"context_line":"        max_wal_size \u003d self._get_max_wal_size_bytes()"},{"line_number":67,"context_line":""},{"line_number":68,"context_line":"        if archive_size \u003e max_wal_size * WAL_SAFETY_FACTOR:"},{"line_number":69,"context_line":"            LOG.info("}],"source_content_type":"text/x-python","patch_set":4,"id":"f3eef28a_af6cd928","line":66,"range":{"start_line":66,"start_character":0,"end_line":66,"end_character":53},"in_reply_to":"b86e2c0e_ca5d4802","updated":"2026-01-28 08:41:21.000000000","message":"Actually real-world users with small databases should change the default value for `max_wal_size`. 
But I don\u0027t see a problem if we\u0027ll add this workaround 👍\nFor some complex tempest scenarios this should work.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"7f0ae92de05bd86b3a5122e7543647e172a34131","unresolved":true,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"b6f0661b_07411263","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"updated":"2026-01-28 06:31:16.000000000","message":"Do we really need to provide this configuration to users? 
It\u0027s quite dangerous. Users could easily inject commands, and our project is open source, so malicious actors can easily get the code.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"590c635554eefb775bf107f3049297e26d1ae382","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. 
If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"ca2b76db_8154cec9","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"1be8d8bd_bee2701f","updated":"2026-01-29 11:15:49.000000000","message":"Hmm... This will definitely resolve the security issue, but will create few others. \nWhat I can see:\n- the \"enable root\" trove command for PostgreSQL will become meaningless because it\u0027s not a root anymore;\n- superuser access may be required to create extensions in postgresql (a lot of people switch to PostgreSQL because of this feature), this will increase load on tech support teams;\n- non-technical - from a marketing point of view: end users who require superuser access will choose another cloud provider who is able to provide superuser access to dbaas.\n\nAlso obviously if we\u0027ll try to harden the security for PostgreSQL, it should be optional (e.g. CONF.postgresql.safe_root_mode \u003d True/False or something like that), how do you think?\n\nProbably just securing postgresql docker image in some way would be enough.\n\nLet\u0027s wait an answer from our SOC team?\nI think they will propose solutions or recommendations and removing Superuser role may be one of them. 
We\u0027ll see.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"eb216f52fd8be924a83c8df909c5ce7f7d87d464","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"b5b29c9e_440f5a81","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"67d73992_d3fc29fd","updated":"2026-02-13 08:12:31.000000000","message":"Hello, Wu!\n\nI got an answer from our SOC team.\n\nHere are 4 
things that are, IMO, most important and should be implemented:\n\n1. Create an AppArmor profile for the database Docker container that allows running only necessary Linux CLI tools and forbids the rest (optionally extendable via cfg.py).\nAppArmor is a native Docker feature that we should utilize. Right now, Docker containers run with \"AppArmorProfile\": \"unconfined\", which is not recommended in production.\n\n2. Remove potentially dangerous utilities from containers that are not required for RDBMS functions. No changes in Trove’s code are needed, documentation only.\nWe should inspect current Docker images for each datastore and provide accurate documentation for cloud provider administrators on how to build production-ready images, with examples.\n\n3. Inspect which features require the [service_credentials] section (credentials for Trove’s Keystone service account) and refactor the guest agent codebase to avoid interacting with Keystone directly, using only the taskmanager for that.\nStoring Keystone credentials in client instances is a potential threat to all other clients in the cloud if a container escape attack occurs.\nRight now, I can confirm that the Swift db_backup container and guest log functions are using Keystone credentials.\n\n4. Do not run containers in privileged mode.\nRight now, MariaDB runs in privileged mode. In the comments, it is stated that this is required for io_uring mode.\nSecurity experts generally believe io_uring is unsafe: https://github.com/moby/profiles/commit/0e2acd4ddea76ecd4090b04ebe6c53bacad74c50\n\n  I think the best approach is to add an option in cfg.py (disabled by default), so the cloud provider can decide whether to use privileged mode.\n\nOther suggestions:\n\n5. Remove superuser functionality in PostgreSQL (as you proposed).\nHowever, in my opinion, this will lead to a poor user experience. The suggestions above will mitigate most of the risks, and limiting the superuser is not strictly necessary.\n\n6. 
For privileged clients, cloud providers should implement additional security services, such as real-time monitoring that detects unauthorized activity inside database instances and proactively prevents it.\nTrove can provide an easy way to attach monitoring tools inside the Nova instance itself, for example during the guest image build stage, and provide documentation on how to do this, with examples.\n\n\nP.S. Items 1-4 look like separate tasks. I will remove the security note from this commit, because we have a plan now.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"5a31a696d4047026e0b24db4090cfaf3692e4bcf","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. 
If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"729c9fce_2c9a3435","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"b5b29c9e_440f5a81","updated":"2026-02-25 02:11:49.000000000","message":"Hello, thanks for sharing the feedback from the SOC team.\nI’ve reviewed the proposed solutions and here are my thoughts:\nFix 1: I agree this is the most feasible solution for the current security concerns.\nFix 2: The database images are not controlled by the Trove team. Users typically use official images directly.\nFix 3: You’re right that the Swift db_backup container and guest log functions use Keystone credentials. However, these functions are not exposed to end users, and network isolation is applied to database containers. Even if Keystone credentials were leaked, an attacker would still not be able to access these services.\nFix 4: For the PostgreSQL datastore, privileged mode should be disabled.\nFix 5: Regarding removing superuser privileges in PostgreSQL, your concern about user experience is reasonable. 
If we implement the AppArmor profile, this restriction would not be necessary.\nFix 6: This is theoretically possible, but it depends on additional monitoring services that we currently don’t have.\nAdditionally, all of these tasks should be implemented in a separate patchset. Therefore, I plan to merge the current patchset as-is.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":36080,"name":"Erkin Mussurmankulov","display_name":"Eric","email":"mangust404@gmail.com","username":"mongoose404","status":"PS Cloud services employee"},"change_message_id":"dbba35e2e9331f70dbf53b961aade3378bffd9d3","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. 
If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"f6549b67_9f4bf74a","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"b6f0661b_07411263","updated":"2026-01-28 08:41:21.000000000","message":"We actually can\u0027t forbid users from setting custom archive_command via psql console by executing ALTER SYSTEM SET archive_command\u003d\u0027/bin/malicious_script\u0027 from root account. Adding it to validation-rules is not a security breach but merely alternative for DBA\u0027s to set custom, time-based wal archive cleanup.\n\nI may agree that this SECURITY NOTE is useless if we don\u0027t provide any instructions how to overcome the threat.\n\nSo I can send a request to our SOC department (security operations center) about this issue. They can analyze postgresql docker images for potential threats, and give their recommendations about how postgresql images may be improved to mitigate the risk of container escape threat. 
Some changes in Trove\u0027s own code would probably be required.\n\nWe could also put instructions in Trove\u0027s docs (for cloud providers). What do you think?","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"15799ad4e883f1c2ffea337367e6a79f193ae3ac","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. 
If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"67d73992_d3fc29fd","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"ca2b76db_8154cec9","updated":"2026-01-30 01:15:48.000000000","message":"Make sense. Let\u0027s wait for the response from the SOC team. Currently, this patch looks good to me. If there is a more appropriate resolution, we can discuss it later.","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"},{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"98d15628bb0cb4ed7f75a53e73c724a109b39cb2","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        spacing\u003d180)"},{"line_number":126,"context_line":"    def clean_wal_archives(self, context):"},{"line_number":127,"context_line":"        \"\"\"Clean up the wal archives to free up disk space."},{"line_number":128,"context_line":"        SECURITY NOTE:"},{"line_number":129,"context_line":"        archive_command is user-controlled. 
Even if excluded from validation"},{"line_number":130,"context_line":"        rules, a PostgreSQL superuser can set it via ALTER SYSTEM."},{"line_number":131,"context_line":"        A malicious user may inject arbitrary shell commands. If a container"},{"line_number":132,"context_line":"        escape or Docker zero-day exists, this could be easily leveraged to"},{"line_number":133,"context_line":"        access the host instance and potentially compromise Trove service"},{"line_number":134,"context_line":"        credentials available on the host."},{"line_number":135,"context_line":"        \"\"\""},{"line_number":136,"context_line":"        archive_command \u003d self.app.get_config_param(\u0027archive_command\u0027)"},{"line_number":137,"context_line":"        if \"DISABLE_TROVE_WAL_CLEANUP\" in archive_command:"},{"line_number":138,"context_line":"            LOG.debug(\u0027wal archiving process is disabled by user \u0027"}],"source_content_type":"text/x-python","patch_set":4,"id":"1be8d8bd_bee2701f","line":135,"range":{"start_line":128,"start_character":0,"end_line":135,"end_character":11},"in_reply_to":"f6549b67_9f4bf74a","updated":"2026-01-29 08:01:02.000000000","message":"Yes, you are right. But as a cloud provider, we have to think about security. I think we can remove the Superuser role from the root user that was created by Trove. Sensitive configuration settings must be allowed by the cloud provider only. What do you think about this?\nThe current roles are as follows:\n\n```\npostgres\u003d# \\du\n                             List of roles\n Role name |                         Attributes\n-----------+------------------------------------------------------------\n postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS\n root      | Superuser, Create role, Create DB, Replication, Bypass RLS\n userA     |\n```","commit_id":"9ecfeb09f57c9e3d82207001ca0a82ef5c54c88e"}]}
