database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-03 20:02:46 +03:00
Code Activity

Make superuser imply replication privilege. The idea of a privilege that

Browse Source 
superuser doesn't have doesn't make much sense, as a superuser can do
whatever he wants through other means, anyway. So instead of granting
replication privilege to superusers in CREATE USER time by default, allow
replication connection from superusers whether or not they have the
replication privilege.

Patch by Noah Misch, per discussion on bug report #6264
This commit is contained in:
Heikki Linnakangas
2012-01-14 18:22:16 +02:00
parent ea038d65c2
commit 00c5f55061
8 changed files with 32 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/backend/utils/init/postinit.c
View File

@ -659,11 +659,10 @@ InitPostgres(const char *in_dbname, Oid dboid, const char *username,
{
Assert(!bootstrap);
/* must have authenticated as a replication role */
if (!is_authenticated_user_replication_role())
if (!superuser() && !is_authenticated_user_replication_role())
ereport(FATAL,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be replication role to start walsender")));
errmsg("must be superuser or replication role to start walsender")));
/* process any options passed in the startup packet */
if (MyProcPort != NULL)