Fix false positive non-superuser errors

Regex matching solely against the word "insufficient" means that it's trivial to cause this to alert unnecessarily by merely including the string "insufficient" in one's real query. Instead verify that we don't actually have a real query and know for certain this is an error condition.

Author: jcoleman

check_postgres.pl

@@ -8737,7 +8737,7 @@ sub check_txn_idle {
         my $st = defined($r->{state}) ? $r->{state} : '';
 
         ## Return unknown if we cannot see because we are a non-superuser
-        if ($cq =~ /insufficient/) {
+        if ($cq eq '<insufficient privilege>') {
             add_unknown msg('psa-nosuper');
             return;
         }

t/02_query_time.t

@@ -6,7 +6,7 @@ use 5.008;
 use strict;
 use warnings;
 use Data::Dumper;
-use Test::More tests => 14;
+use Test::More tests => 15;
 use lib 't','.';
 use CP_Testing;
 
@@ -102,4 +102,26 @@ $dbh->disconnect();
 
 waitpid $child, 0;
 
+# Test that a query using the word insufficient doesn't trigger the unknown data alert.
+
+$child = fork();
+if (0 == $child) {
+    my $kiddbh = $cp->test_database_handle();
+    $kiddbh->do(qq{SELECT pg_sleep(3) AS insufficient});
+    $kiddbh->rollback();
+    $kiddbh->disconnect();
+    exit;
+}
+
+my $dbh = $cp->test_database_handle();
+sleep 1;
+$t = qq{$S non-superuser access isn't fooled by the word insufficient};
+like ($cp->run(q{-w 1 -vv}), qr{$label WARNING}, $t);
+$dbh->rollback();
+$dbh->disconnect();
+
+$dbh->disconnect();
+
+waitpid $child, 0;
+
 exit;