Skip site navigation (1) Skip section navigation (2)

Re: Streaming replication as a separate permissions

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Florian Pflug <fgp(at)phlo(dot)org>, Magnus Hagander <magnus(at)hagander(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Streaming replication as a separate permissions
Date: 2010-12-24 04:31:38
Message-ID: AANLkTimOBBxhJds37d4MHPy8r_zfeHa9mTt81ToiWc-r@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
On Thu, Dec 23, 2010 at 11:00 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Florian Pflug <fgp(at)phlo(dot)org> writes:
>> The problem here is that you suggest NOLOGIN should mean "Not allowed
>> to issue SQL commands", which really isn't what the name "NOLOGIN"
>> conveys.
>
> No, it means "not allowed to connect".  It's possible now to issue
> commands as a NOLOGIN user, you just have to use SET ROLE to become the
> user.  I think you're arguing about a design choice that was already
> made some time ago.

I think I agree with Florian about the confusing-ness of the proposed
semantics.  Aren't you saying you want NOLOGIN mean "not allowed to
log in for the purposes of issuing SQL commands, but allowed to log in
for replication"?  Uggh.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Responses

pgsql-hackers by date

Next:From: Robert HaasDate: 2010-12-24 04:35:26
Subject: pg_dump -X
Previous:From: Tom LaneDate: 2010-12-24 04:00:14
Subject: Re: Streaming replication as a separate permissions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group