From c495fcaa5fdc9c46ee46447dd713477ffda7e499 Mon Sep 17 00:00:00 2001
From: lijianfeng <bigtimer@qq.com>
Date: Thu, 24 Nov 2022 02:38:21 +0000
Subject: [PATCH] =?UTF-8?q?=E7=A6=81=E6=AD=A2=E6=99=AE=E9=80=9A=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E8=BF=9E=E6=8E=A5=E6=95=B0=E6=8D=AE=E5=BA=93=E6=A8=A1?=
 =?UTF-8?q?=E6=9D=BFtemplate1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lijianfeng <bigtimer@qq.com>
---
 src/common/backend/utils/init/postinit.cpp | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/common/backend/utils/init/postinit.cpp b/src/common/backend/utils/init/postinit.cpp
index fddce1fc6..2aa948f13 100644
--- a/src/common/backend/utils/init/postinit.cpp
+++ b/src/common/backend/utils/init/postinit.cpp
@@ -518,11 +518,14 @@ static void CheckConnAuthority(const char* name, bool am_superuser)
     if (IsUnderPostmaster && !IsAutoVacuumWorkerProcess() && !IsJobSchedulerProcess() && !IsJobWorkerProcess() &&
         !IsBgWorkerProcess() && !IsTxnSnapCapturerProcess() && !IsTxnSnapWorkerProcess() && !IsRbCleanerProcess() && !IsRbWorkerProcess() &&
          !IsCfsShrinkerProcess()) {
+        bool isLocalAddr = false;
+        if (u_sess->proc_cxt.MyProcPort != NULL) {
+            isLocalAddr = IsLocalAddr(u_sess->proc_cxt.MyProcPort);
+        }
+
         /* Database Security: Check privilege to connect to the database.
          * Only superuser on the local machine can connect to "template1".*/
-        if (IS_PGXC_COORDINATOR && IsConnFromApp() &&
-            (!am_superuser || !IsLocalAddr(u_sess->proc_cxt.MyProcPort)) &&
-            strcmp(name, "template1") == 0) {
+        if (strcmp(name, "template1") == 0 && IsConnFromApp() && !(am_superuser && isLocalAddr)) {
             ereport(FATAL,
                 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
                     errmsg("permission denied for database \"%s\"", name),