1
0
mirror of https://github.com/postgres/postgres.git synced 2025-07-24 14:22:24 +03:00

Doc: Outline REPLICATION before SUPERUSER privilege

The following docs are updated:
- High-availaility section
- pg_basebackup
- pg_receivewal

Per the principle of least privilege, we want to encourage users to
interact with those areas using roles that have replication rights, but
superusers were mentioned first.

Author: Daniel Gustafsson
Reviewed-by: Fujii Masao, Michael Paquier
Discussion: https://postgr.es/m/ECEBD212-7101-41EB-84F3-2F356E4B6401@yesql.se
This commit is contained in:
Michael Paquier
2020-05-05 14:16:01 +09:00
parent 849ac35813
commit c5114e42fa
3 changed files with 17 additions and 14 deletions

View File

@ -827,12 +827,14 @@ archive_cleanup_command = 'pg_archivecleanup /path/to/archive %r'
It is very important that the access privileges for replication be set up
so that only trusted users can read the WAL stream, because it is
easy to extract privileged information from it. Standby servers must
authenticate to the primary as a superuser or an account that has the
<literal>REPLICATION</literal> privilege. It is recommended to create a
dedicated user account with <literal>REPLICATION</literal> and <literal>LOGIN</literal>
privileges for replication. While <literal>REPLICATION</literal> privilege gives
very high permissions, it does not allow the user to modify any data on
the primary system, which the <literal>SUPERUSER</literal> privilege does.
authenticate to the primary as an account that has the
<literal>REPLICATION</literal> privilege or a superuser. It is
recommended to create a dedicated user account with
<literal>REPLICATION</literal> and <literal>LOGIN</literal>
privileges for replication. While <literal>REPLICATION</literal>
privilege gives very high permissions, it does not allow the user to
modify any data on the primary system, which the
<literal>SUPERUSER</literal> privilege does.
</para>
<para>

View File

@ -51,8 +51,8 @@ PostgreSQL documentation
<para>
The backup is made over a regular <productname>PostgreSQL</productname>
connection, and uses the replication protocol. The connection must be made
with a superuser or a user having <literal>REPLICATION</literal>
permissions (see <xref linkend="role-attributes"/>),
with a user having <literal>REPLICATION</literal> permissions
(see <xref linkend="role-attributes"/>) or a superuser,
and <filename>pg_hba.conf</filename> must explicitly permit the replication
connection. The server must also be configured
with <xref linkend="guc-max-wal-senders"/> set high enough to leave at least

View File

@ -68,12 +68,13 @@ PostgreSQL documentation
<para>
The write-ahead log is streamed over a regular
<productname>PostgreSQL</productname> connection and uses the replication
protocol. The connection must be made with a superuser or a user
having <literal>REPLICATION</literal> permissions (see
<xref linkend="role-attributes"/>), and <filename>pg_hba.conf</filename>
must permit the replication connection. The server must also be
configured with <xref linkend="guc-max-wal-senders"/> set high enough to
leave at least one session available for the stream.
protocol. The connection must be made with a user having
<literal>REPLICATION</literal> permissions (see
<xref linkend="role-attributes"/>) or a superuser, and
<filename>pg_hba.conf</filename> must permit the replication connection.
The server must also be configured with
<xref linkend="guc-max-wal-senders"/> set high enough to leave at least
one session available for the stream.
</para>
<para>