Skip to content

jobs: define internal job owners and access #96432

Open
Open
jobs: define internal job owners and access#96432
Labels
C-enhancementSolution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)T-jobs
@jayshrivastava

Description

@jayshrivastava
jayshrivastava
opened on Feb 2, 2023

A user with CONTROLJOB cannot modify job created by admins, and there is no discoverable reason for this (see https://cockroachlabs.slack.com/archives/C02DSDS9TM1/p1675194084663479 and #51646). We may want to remove this restriction.

One reason we may want to keep this is to prevent users from disrupting internal jobs (ex. migrations). In this case, we can still change the restriction to prevent modifying jobs owned by "root" or "node". However, there are some uncertainties:

  • Some internal jobs are owned by "root" and some are owned by "node". Maybe we should make all internal jobs consistently use one of these. You can login as root, but I don't think you can login as "node", so maybe "node" is a better choice
  • Some internal jobs, such as schema change and schema change gc don't use "root" or "node" as the job owner. They use the user who executed the query. If a non-admin user kicks off a schema change, a CONTROLJOB user can still kill the job. This is undesirable if we want to prevent them from disrupting internal jobs.

Jira issue: CRDB-24122

Metadata

Metadata

Assignees

No one assigned

    Labels

    C-enhancementSolution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)T-jobs

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions