From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Keith Fiske" <keith(at)omniti(dot)com> |
Cc: | pgsql-bugs(at)postgresql(dot)org |
Subject: | Re: BUG #6264: Superuser does not have inherent Replication permission |
Date: | 2011-10-22 15:49:34 |
Message-ID: | 9214.1319298574@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
"Keith Fiske" <keith(at)omniti(dot)com> writes:
> The documentation says replication is inherent to a superuser.
What it actually says is that superusers get the replication privilege
by default --- but you can create a superuser without that. If you
see a place that says something different, please point it out
specifically so we can improve it.
> After testing
> several times, I can assure you it is not.
Please show your test case. It looks to me like it works as expected:
regression=# create user foo superuser;
CREATE ROLE
regression=# create user foo2 superuser noreplication;
CREATE ROLE
regression=# select rolname,rolsuper,rolreplication from pg_authid ;
rolname | rolsuper | rolreplication
----------+----------+----------------
postgres | t | t
foo | t | t
foo2 | t | f
(3 rows)
> If you create a user as a NONsuperuser,
> then later ALTER them to be one, they will NOT have the replication
> permission and cannot be used as a replication user until you explicitly
> grant that permission.
That doesn't sound to me like a bug. These flags are independent, we
just provide a certain default at role creation time.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2011-10-22 16:13:45 | Re: 'pg_ctl restart' confused about pathname to postgresql.conf |
Previous Message | Keith Fiske | 2011-10-21 21:54:56 | BUG #6264: Superuser does not have inherent Replication permission |