-rw-r--r--doc/src/sgml/high-availability.sgml6
-rw-r--r--doc/src/sgml/ref/create_role.sgml3
-rw-r--r--doc/src/sgml/user-manag.sgml11
-rw-r--r--src/backend/commands/user.c8
-rw-r--r--src/include/catalog/catversion.h2
-rw-r--r--src/include/catalog/pg_authid.h2
6 files changed, 22 insertions, 10 deletions
diff --git a/doc/src/sgml/high-availability.sgml b/doc/src/sgml/high-availability.sgml
index 2c24fd9c139..b1ec461f53e 100644
--- a/doc/src/sgml/high-availability.sgml
+++ b/doc/src/sgml/high-availability.sgml
@@ -805,9 +805,9 @@ archive_cleanup_command = 'pg_archivecleanup /path/to/archive %r'
<note>
<para>
It is recommended that a dedicated user account is used for replication.
- While it is possible to add the <literal>REPLICATION</> privilege to
- a superuser account for the purporses of replication, this is not
- recommended. While <literal>REPLICATION</> privilege gives very high
+ While the <literal>REPLICATION</> privilege is granted to superuser
+ accounts by default, it is not recommended to use superuser accounts
+ for replication. While <literal>REPLICATION</> privilege gives very high
permissions, it does not allow the user to modify any data on the
primary system, which the <literal>SUPERUSER</> privilege does.
</para>
diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml
index 7cc7f149fdc..43bec5d8e13 100644
--- a/doc/src/sgml/ref/create_role.sgml
+++ b/doc/src/sgml/ref/create_role.sgml
@@ -185,7 +185,8 @@ CREATE ROLE <replaceable class="PARAMETER">name</replaceable> [ [ WITH ] <replac
A role having the <literal>REPLICATION</> attribute is a very
highly privileged role, and should only be used on roles actually
used for replication. If not specified,
- <literal>NOREPLICATION</literal> is the default.
+ <literal>NOREPLICATION</literal> is the default for all roles except
+ superusers.
</para>
</listitem>
</varlistentry>
diff --git a/doc/src/sgml/user-manag.sgml b/doc/src/sgml/user-manag.sgml
index 08b3fb7dc42..2830aec49ca 100644
--- a/doc/src/sgml/user-manag.sgml
+++ b/doc/src/sgml/user-manag.sgml
@@ -175,7 +175,11 @@ CREATE USER <replaceable>name</replaceable>;
to do most of your work as a role that is not a superuser.
To create a new database superuser, use <literal>CREATE ROLE
<replaceable>name</replaceable> SUPERUSER</literal>. You must do
- this as a role that is already a superuser.
+ this as a role that is already a superuser. Creating a superuser
+ will by default also grant permissions to initiate streaming
+ replication. For increased security this can be disallowed using
+ <literal>CREATE ROLE <replaceable>name</replaceable> SUPERUSER
+ NOREPLICATION</literal>.
</para>
</listitem>
</varlistentry>
@@ -214,9 +218,8 @@ CREATE USER <replaceable>name</replaceable>;
<listitem>
<para>
A role must explicitly be given permission to initiate streaming
- replication (superusers do not bypass this check). A role used
- for streaming replication must always have <literal>LOGIN</>
- permission as well. To create such a role, use
+ replication. A role used for streaming replication must always
+ have <literal>LOGIN</> permission as well. To create such a role, use
<literal>CREATE ROLE <replaceable>name</replaceable> REPLICATION
LOGIN</literal>.
</para>
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index 9e505b7525f..be049cb9945 100644
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -248,7 +248,15 @@ CreateRole(CreateRoleStmt *stmt)
if (dpassword && dpassword->arg)
password = strVal(dpassword->arg);
if (dissuper)
+ {
issuper = intVal(dissuper->arg) != 0;
+ /*
+ * Superusers get replication by default, but only if
+ * NOREPLICATION wasn't explicitly mentioned
+ */
+ if (!(disreplication && intVal(disreplication->arg) == 0))
+ isreplication = 1;
+ }
if (dinherit)
inherit = intVal(dinherit->arg) != 0;
if (dcreaterole)
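Review bot: The new branch grants replication whenever the SUPERUSER/NOSUPERUSER option is present at all, not only when the role is actually a superuser: `if (dissuper)` is true for `NOSUPERUSER` as well, so `CREATE ROLE x NOSUPERUSER` falls through to `isreplication = 1` unless NOREPLICATION is also spelled out, which is a wider privilege than the comment above it and the documentation hunks in this commit describe. The default should be keyed on the value just computed, `if (issuper && !(disreplication && intVal(disreplication->arg) == 0))` followed by `isreplication = 1;`, so that an explicit NOSUPERUSER keeps the NOREPLICATION default. Since the flags here are booleans elsewhere in this block (`issuper = intVal(...) != 0`), assigning `true` rather than `1` would also keep the style consistent. CreateRole's body begins and ends outside the hunk, and whether AlterRole has a parallel superuser branch that needs the same treatment cannot be seen from this diff.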
diff --git a/src/include/catalog/catversion.h b/src/include/catalog/catversion.h
index 2daf9f80ef4..3f5ef242ed2 100644
--- a/src/include/catalog/catversion.h
+++ b/src/include/catalog/catversion.h
@@ -53,6 +53,6 @@
*/
/* yyyymmddN */
-#define CATALOG_VERSION_NO 201101031
+#define CATALOG_VERSION_NO 201101051
#endif
diff --git a/src/include/catalog/pg_authid.h b/src/include/catalog/pg_authid.h
index 7eee4cb5cbc..0c5ae443a0d 100644
--- a/src/include/catalog/pg_authid.h
+++ b/src/include/catalog/pg_authid.h
@@ -93,7 +93,7 @@ typedef FormData_pg_authid *Form_pg_authid;
* user choices.
* ----------------
*/
-DATA(insert OID = 10 ( "POSTGRES" t t t t t t f -1 _null_ _null_ ));
+DATA(insert OID = 10 ( "POSTGRES" t t t t t t t -1 _null_ _null_ ));
#define BOOTSTRAP_SUPERUSERID 10