| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | chris+postgresql(at)qwirx(dot)com, pgsql-docs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Logical replication subscription owner |
| Date: | 2020-04-22 22:59:11 |
| Message-ID: | 20200422225911.GA10161@alvherre.pgsql |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
On 2020-Apr-22, Stephen Frost wrote:
> * Alvaro Herrera (alvherre(at)2ndquadrant(dot)com) wrote:
> > I wonder if a better answer is to allow the connection when the
> > REPLICATION priv is granted, ignoring the LOGIN prov.
>
> Erm, no, I wouldn't have thought that'd make sense- maybe someone
> specifically wants to stop allowing that role to login and they remove
> LOGIN? That REPLICATION would override that would surely be surprising
> and counter-intuitive..
Well, I guess if somebody wants to stop replication, they can remove
the REPLICATION priv.
I had it in my mind that LOGIN was for regular (SQL-based) login, and
REPLICATION was for replication login, and that they were orthogonal.
You're saying that there's no way a role can have REPLICATION privs but
no LOGIN. Is that sensible?
--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-04-22 23:14:41 | Re: Logical replication subscription owner |
| Previous Message | Bruce Momjian | 2020-04-22 20:23:31 | Re: terminology in example |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2020-04-22 22:59:19 | Re: sqlsmith crash incremental sort |
| Previous Message | David Rowley | 2020-04-22 22:58:33 | Re: Parallel Append can break run-time partition pruning |