noset

阻止非超级用户使用SET/RESET设置变量

概览

扩展包名	版本	分类	许可证	语言
`pg_noset`	`0.3.0`	SEC	AGPL-3.0	C

ID	扩展名	Bin	Lib	Load	Create	Trust	Reloc	模式
7420	`noset`	否	是	是	是	否	是	-

相关扩展	`pg_readonly` `pg_permissions` `set_user` `pgaudit` `login_hook` `sepgsql` `safeupdate` `credcheck`

版本

类型	仓库	版本	PG 大版本	包名	依赖
EXT	PIGSTY	`0.3.0`	1817161514	`pg_noset`	-
RPM	PIGSTY	`0.3.0`	1817161514	`noset_$v`	-
DEB	PIGSTY	`0.3.0`	1817161514	`postgresql-$v-noset`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 0.3.0 el8.x86_64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el8.x86_64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el8.x86_64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el8.x86_64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el8.x86_64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB
el8.aarch64	PIGSTY 0.3.0 el8.aarch64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.3.0 · 15.4KiB	PIGSTY 0.3.0 el8.aarch64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.3.0 · 15.4KiB	PIGSTY 0.3.0 el8.aarch64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.3.0 · 15.4KiB	PIGSTY 0.3.0 el8.aarch64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.3.0 · 15.5KiB	PIGSTY 0.3.0 el8.aarch64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.3.0 · 15.4KiB
el9.x86_64	PIGSTY 0.3.0 el9.x86_64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.3.0 · 15.9KiB	PIGSTY 0.3.0 el9.x86_64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.3.0 · 16.0KiB	PIGSTY 0.3.0 el9.x86_64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.3.0 · 16.0KiB	PIGSTY 0.3.0 el9.x86_64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.3.0 · 16.0KiB	PIGSTY 0.3.0 el9.x86_64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.3.0 · 16.0KiB
el9.aarch64	PIGSTY 0.3.0 el9.aarch64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.3.0 · 15.4KiB	PIGSTY 0.3.0 el9.aarch64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el9.aarch64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el9.aarch64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el9.aarch64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB
el10.x86_64	PIGSTY 0.3.0 el10.x86_64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.x86_64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.x86_64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.x86_64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.x86_64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.3.0 · 15.6KiB
el10.aarch64	PIGSTY 0.3.0 el10.aarch64.pg18 : noset_18 noset_18-0.3.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.aarch64.pg17 : noset_17 noset_17-0.3.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.aarch64.pg16 : noset_16 noset_16-0.3.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.aarch64.pg15 : noset_15 noset_15-0.3.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB	PIGSTY 0.3.0 el10.aarch64.pg14 : noset_14 noset_14-0.3.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.3.0 · 15.6KiB
d12.x86_64	PIGSTY 0.3.0 d12.x86_64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d12.x86_64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d12.x86_64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d12.x86_64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d12.x86_64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.3.0 · 27.3KiB
d12.aarch64	PIGSTY 0.3.0 d12.aarch64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.3.0 · 27.1KiB	PIGSTY 0.3.0 d12.aarch64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d12.aarch64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d12.aarch64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d12.aarch64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.3.0 · 27.0KiB
d13.x86_64	PIGSTY 0.3.0 d13.x86_64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d13.x86_64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d13.x86_64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d13.x86_64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.3.0 · 27.3KiB	PIGSTY 0.3.0 d13.x86_64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.3.0 · 27.3KiB
d13.aarch64	PIGSTY 0.3.0 d13.aarch64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d13.aarch64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d13.aarch64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d13.aarch64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.3.0 · 27.0KiB	PIGSTY 0.3.0 d13.aarch64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.3.0 · 27.0KiB
u22.x86_64	PIGSTY 0.3.0 u22.x86_64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.3.0 · 28.9KiB	PIGSTY 0.3.0 u22.x86_64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.3.0 · 32.8KiB	PIGSTY 0.3.0 u22.x86_64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.3.0 · 32.2KiB	PIGSTY 0.3.0 u22.x86_64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.3.0 · 32.2KiB	PIGSTY 0.3.0 u22.x86_64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.3.0 · 31.0KiB
u22.aarch64	PIGSTY 0.3.0 u22.aarch64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.3.0 · 28.7KiB	PIGSTY 0.3.0 u22.aarch64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.3.0 · 32.6KiB	PIGSTY 0.3.0 u22.aarch64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.3.0 · 32.0KiB	PIGSTY 0.3.0 u22.aarch64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.3.0 · 32.0KiB	PIGSTY 0.3.0 u22.aarch64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.3.0 · 30.8KiB
u24.x86_64	PIGSTY 0.3.0 u24.x86_64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.3.0 · 28.3KiB	PIGSTY 0.3.0 u24.x86_64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.3.0 · 28.3KiB	PIGSTY 0.3.0 u24.x86_64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.3.0 · 28.3KiB	PIGSTY 0.3.0 u24.x86_64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.3.0 · 28.3KiB	PIGSTY 0.3.0 u24.x86_64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.3.0 · 28.3KiB
u24.aarch64	PIGSTY 0.3.0 u24.aarch64.pg18 : postgresql-18-noset postgresql-18-noset_0.3.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.3.0 · 27.9KiB	PIGSTY 0.3.0 u24.aarch64.pg17 : postgresql-17-noset postgresql-17-noset_0.3.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.3.0 · 27.9KiB	PIGSTY 0.3.0 u24.aarch64.pg16 : postgresql-16-noset postgresql-16-noset_0.3.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.3.0 · 27.9KiB	PIGSTY 0.3.0 u24.aarch64.pg15 : postgresql-15-noset postgresql-15-noset_0.3.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.3.0 · 27.9KiB	PIGSTY 0.3.0 u24.aarch64.pg14 : postgresql-14-noset postgresql-14-noset_0.3.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.3.0 · 27.9KiB

构建

您可以使用 pig build 命令构建 pg_noset 扩展的 RPM / DEB 包：

pig build pkg pg_noset         # 构建 RPM / DEB 包

安装

您可以直接安装 pg_noset 扩展包的预置二进制包，首先确保 PGDG 和 PIGSTY 仓库已经添加并启用：

pig repo add pgsql -u          # 添加仓库并更新缓存

使用 pig 或者是 apt/yum/dnf 安装扩展：

pig install pg_noset;          # 当前活跃 PG 版本安装

pig ext install -y pg_noset -v 18  # PG 18
pig ext install -y pg_noset -v 17  # PG 17
pig ext install -y pg_noset -v 16  # PG 16
pig ext install -y pg_noset -v 15  # PG 15
pig ext install -y pg_noset -v 14  # PG 14

dnf install -y noset_18       # PG 18
dnf install -y noset_17       # PG 17
dnf install -y noset_16       # PG 16
dnf install -y noset_15       # PG 15
dnf install -y noset_14       # PG 14

apt install -y postgresql-18-noset   # PG 18
apt install -y postgresql-17-noset   # PG 17
apt install -y postgresql-16-noset   # PG 16
apt install -y postgresql-15-noset   # PG 15
apt install -y postgresql-14-noset   # PG 14

预加载配置：

shared_preload_libraries = 'noset';

创建扩展：

CREATE EXTENSION noset;

用法

noset: 阻止用户通过 SET/RESET 更改会话参数

noset 是一个可加载模块，阻止特定用户使用 SET 或 RESET 命令更改会话参数。

CREATE EXTENSION noset;

配置

添加到 postgresql.conf：

shared_preload_libraries = 'noset'

GUC 参数

参数	默认值	描述
`noset.enabled`	`false`	为该角色启用 SET/RESET 阻止
`noset.parameters`	`*`	要阻止的参数（逗号分隔，`*` = 全部）

设置按用户限制

-- 阻止用户的所有 SET/RESET
ALTER USER appuser SET noset.enabled = true;

-- 仅阻止特定参数
ALTER USER appuser SET noset.enabled = true;
ALTER USER appuser SET noset.parameters = 'work_mem,jit';

示例

-- 作为 appuser：
SET work_mem = '1GB';
-- ERROR: permission denied to set/reset parameter 'set work_mem = '1GB';'

SET maintenance_work_mem = '1GB';
-- SET（允许，不在阻止列表中）

查找受限用户

SELECT usename, useconfig FROM pg_user
WHERE useconfig IS NOT NULL
  AND array['noset.enabled=on'] <@ useconfig;

注意事项

不适用于超级用户
该扩展撤销了 PUBLIC 对 set_config 函数的访问权限

意见反馈

这个页面对您有帮助吗？

感谢反馈！请告诉我们如何改进。

抱歉给您带来不便。请告诉我们如何改进。

最后修改 2026-03-14: update extension metadata (953cbd0)