| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Keith Fiske" <keith(at)omniti(dot)com> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #6264: Superuser does not have inherent Replication permission |
| Date: | 2011-10-22 15:49:34 |
| Message-ID: | 9214.1319298574@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
"Keith Fiske" <keith(at)omniti(dot)com> writes:
> The documentation says replication is inherent to a superuser.
What it actually says is that superusers get the replication privilege
by default --- but you can create a superuser without that. If you
see a place that says something different, please point it out
specifically so we can improve it.
> After testing
> several times, I can assure you it is not.
Please show your test case. It looks to me like it works as expected:
regression=# create user foo superuser;
CREATE ROLE
regression=# create user foo2 superuser noreplication;
CREATE ROLE
regression=# select rolname,rolsuper,rolreplication from pg_authid ;
rolname | rolsuper | rolreplication
----------+----------+----------------
postgres | t | t
foo | t | t
foo2 | t | f
(3 rows)
> If you create a user as a NONsuperuser,
> then later ALTER them to be one, they will NOT have the replication
> permission and cannot be used as a replication user until you explicitly
> grant that permission.
That doesn't sound to me like a bug. These flags are independent, we
just provide a certain default at role creation time.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-10-22 16:13:45 | Re: 'pg_ctl restart' confused about pathname to postgresql.conf |
| Previous Message | Keith Fiske | 2011-10-21 21:54:56 | BUG #6264: Superuser does not have inherent Replication permission |