pg_command_fw

DDL and utility command firewall for PostgreSQL

Overview

Package	Version	Category	License	Language
`pg_command_fw`	`0.1.0`	SEC	BSD-3-Clause	Rust

ID	Extension	Bin	Lib	Load	Create	Trust	Reloc	Schema
7400	`pg_command_fw`	No	Yes	Yes	Yes	No	No	-

Related	`pgaudit` `pgextwlist` `login_hook` `set_user`

Requires shared_preload_libraries = pg_command_fw to activate hooks for all sessions.

Version

Type	Repo	Version	PG Ver	Package	Deps
EXT	PIGSTY	`0.1.0`	1817161514	`pg_command_fw`	-
RPM	PIGSTY	`0.1.0`	1817161514	`pg_command_fw_$v`	-
DEB	PIGSTY	`0.1.0`	1817161514	`postgresql-$v-pg-command-fw`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 0.1.0 el8.x86_64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.0 · 313.1KiB	PIGSTY 0.1.0 el8.x86_64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.0 · 313.4KiB	PIGSTY 0.1.0 el8.x86_64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.0 · 313.0KiB	PIGSTY 0.1.0 el8.x86_64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.0 · 311.5KiB	PIGSTY MISS
el8.aarch64	PIGSTY 0.1.0 el8.aarch64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.0 · 204.4KiB	PIGSTY 0.1.0 el8.aarch64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.0 · 204.5KiB	PIGSTY 0.1.0 el8.aarch64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.0 · 204.4KiB	PIGSTY 0.1.0 el8.aarch64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.0 · 202.6KiB	PIGSTY MISS
el9.x86_64	PIGSTY 0.1.0 el9.x86_64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.0 · 329.1KiB	PIGSTY 0.1.0 el9.x86_64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.0 · 329.3KiB	PIGSTY 0.1.0 el9.x86_64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.0 · 329.0KiB	PIGSTY 0.1.0 el9.x86_64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.0 · 327.3KiB	PIGSTY MISS
el9.aarch64	PIGSTY 0.1.0 el9.aarch64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.0 · 216.5KiB	PIGSTY 0.1.0 el9.aarch64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.0 · 216.4KiB	PIGSTY 0.1.0 el9.aarch64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.0 · 216.4KiB	PIGSTY 0.1.0 el9.aarch64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.0 · 215.1KiB	PIGSTY MISS
el10.x86_64	PIGSTY 0.1.0 el10.x86_64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.0 · 329.4KiB	PIGSTY 0.1.0 el10.x86_64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.0 · 329.3KiB	PIGSTY 0.1.0 el10.x86_64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.0 · 328.9KiB	PIGSTY 0.1.0 el10.x86_64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.0 · 327.5KiB	PIGSTY MISS
el10.aarch64	PIGSTY 0.1.0 el10.aarch64.pg18 : pg_command_fw_18 pg_command_fw_18-0.1.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.0 · 217.4KiB	PIGSTY 0.1.0 el10.aarch64.pg17 : pg_command_fw_17 pg_command_fw_17-0.1.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.0 · 217.4KiB	PIGSTY 0.1.0 el10.aarch64.pg16 : pg_command_fw_16 pg_command_fw_16-0.1.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.0 · 217.5KiB	PIGSTY 0.1.0 el10.aarch64.pg15 : pg_command_fw_15 pg_command_fw_15-0.1.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.0 · 216.0KiB	PIGSTY MISS
d12.x86_64	PIGSTY 0.1.0 d12.x86_64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.0 · 255.4KiB	PIGSTY 0.1.0 d12.x86_64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.0 · 255.2KiB	PIGSTY 0.1.0 d12.x86_64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.0 · 255.2KiB	PIGSTY 0.1.0 d12.x86_64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.0 · 254.2KiB	PIGSTY MISS
d12.aarch64	PIGSTY 0.1.0 d12.aarch64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.0 · 155.2KiB	PIGSTY 0.1.0 d12.aarch64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.0 · 155.2KiB	PIGSTY 0.1.0 d12.aarch64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.0 · 155.2KiB	PIGSTY 0.1.0 d12.aarch64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.0 · 153.8KiB	PIGSTY MISS
d13.x86_64	PIGSTY 0.1.0 d13.x86_64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.0 · 255.2KiB	PIGSTY 0.1.0 d13.x86_64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.0 · 254.5KiB	PIGSTY 0.1.0 d13.x86_64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.0 · 255.1KiB	PIGSTY 0.1.0 d13.x86_64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.0 · 254.2KiB	PIGSTY MISS
d13.aarch64	PIGSTY 0.1.0 d13.aarch64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.0 · 155.3KiB	PIGSTY 0.1.0 d13.aarch64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.0 · 155.1KiB	PIGSTY 0.1.0 d13.aarch64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.0 · 155.2KiB	PIGSTY 0.1.0 d13.aarch64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.0 · 153.8KiB	PIGSTY MISS
u22.x86_64	PIGSTY 0.1.0 u22.x86_64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.0 · 288.7KiB	PIGSTY 0.1.0 u22.x86_64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.0 · 288.7KiB	PIGSTY 0.1.0 u22.x86_64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.0 · 288.4KiB	PIGSTY 0.1.0 u22.x86_64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.0 · 287.0KiB	PIGSTY MISS
u22.aarch64	PIGSTY 0.1.0 u22.aarch64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.0 · 179.7KiB	PIGSTY 0.1.0 u22.aarch64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.0 · 179.7KiB	PIGSTY 0.1.0 u22.aarch64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.0 · 179.7KiB	PIGSTY 0.1.0 u22.aarch64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.0 · 178.0KiB	PIGSTY MISS
u24.x86_64	PIGSTY 0.1.0 u24.x86_64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.0 · 286.2KiB	PIGSTY 0.1.0 u24.x86_64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.0 · 285.8KiB	PIGSTY 0.1.0 u24.x86_64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.0 · 286.1KiB	PIGSTY 0.1.0 u24.x86_64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.0 · 284.1KiB	PIGSTY MISS
u24.aarch64	PIGSTY 0.1.0 u24.aarch64.pg18 : postgresql-18-pg-command-fw postgresql-18-pg-command-fw_0.1.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.0 · 178.3KiB	PIGSTY 0.1.0 u24.aarch64.pg17 : postgresql-17-pg-command-fw postgresql-17-pg-command-fw_0.1.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.0 · 178.1KiB	PIGSTY 0.1.0 u24.aarch64.pg16 : postgresql-16-pg-command-fw postgresql-16-pg-command-fw_0.1.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.0 · 178.3KiB	PIGSTY 0.1.0 u24.aarch64.pg15 : postgresql-15-pg-command-fw postgresql-15-pg-command-fw_0.1.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.0 · 176.3KiB	PIGSTY MISS

Build

You can build the RPM / DEB packages for pg_command_fw using pig build:

pig build pkg pg_command_fw         # build RPM / DEB packages

Install

You can install pg_command_fw directly. First, make sure the PGDG and PIGSTY repositories are added and enabled:

pig repo add pgsql -u          # Add repo and update cache

Install the extension using pig or apt/yum/dnf:

pig install pg_command_fw;          # Install for current active PG version

pig ext install -y pg_command_fw -v 18  # PG 18
pig ext install -y pg_command_fw -v 17  # PG 17
pig ext install -y pg_command_fw -v 16  # PG 16
pig ext install -y pg_command_fw -v 15  # PG 15

dnf install -y pg_command_fw_18       # PG 18
dnf install -y pg_command_fw_17       # PG 17
dnf install -y pg_command_fw_16       # PG 16
dnf install -y pg_command_fw_15       # PG 15

apt install -y postgresql-18-pg-command-fw   # PG 18
apt install -y postgresql-17-pg-command-fw   # PG 17
apt install -y postgresql-16-pg-command-fw   # PG 16
apt install -y postgresql-15-pg-command-fw   # PG 15

Preload:

shared_preload_libraries = 'pg_command_fw';

Create Extension:

CREATE EXTENSION pg_command_fw;

Usage

Syntax:

CREATE EXTENSION pg_command_fw;
ALTER SYSTEM SET pg_command_fw.block_truncate = on;
ALTER SYSTEM SET pg_command_fw.production_schemas = 'public,payments';
SELECT pg_reload_conf();

Source: README

pg_command_fw is a PostgreSQL command firewall. It intercepts DDL and utility commands through the ProcessUtility hook and blocks selected built-in file-reading functions through the post-parse analyze hook. Each command category is controlled by its own GUC.

Setup

The extension must be preloaded:

shared_preload_libraries = 'pg_command_fw'

Then enable it in the database:

CREATE EXTENSION pg_command_fw;

Command Categories

The upstream README documents these firewall categories:

TRUNCATE
DROP TABLE
ALTER SYSTEM
LOAD
COPY ... PROGRAM
plain COPY
pg_read_file(), pg_read_binary_file(), and pg_stat_file()

Some categories block only non-superusers, while others block everyone including superusers. Superusers are only exempt from non-superuser categories unless they are explicitly listed in pg_command_fw.blocked_roles.

Important GUCs

pg_command_fw.enabled to enable or disable all checks
pg_command_fw.block_truncate
pg_command_fw.block_drop_table
pg_command_fw.production_schemas
pg_command_fw.block_alter_system
pg_command_fw.block_load
pg_command_fw.block_copy_program
pg_command_fw.block_copy
pg_command_fw.block_read_file
pg_command_fw.blocked_roles
pg_command_fw.hint
pg_command_fw.audit_log_enabled

Audit Log

The extension records intercepted commands in command_fw.audit_log. The README documents columns such as:

timestamp
session and current user names
original query text
command type
target schema or object
client address
whether the command was blocked
internal block reason

Examples

Block TRUNCATE and DROP TABLE in production schemas:

ALTER SYSTEM SET pg_command_fw.block_truncate = on;
ALTER SYSTEM SET pg_command_fw.block_drop_table = on;
ALTER SYSTEM SET pg_command_fw.production_schemas = 'public,payments';
ALTER SYSTEM SET pg_command_fw.hint = 'Contact your DBA to request access';
SELECT pg_reload_conf();

Block a specific role from any governed command:

ALTER SYSTEM SET pg_command_fw.blocked_roles = 'app_deploy';
SELECT pg_reload_conf();

Feedback

Was this page helpful?

Thanks for the feedback! Please let us know how we can improve.

Sorry to hear that. Please let us know how we can improve.

Last Modified 2026-04-14: update extension catalog (29617e5)