Hi,
On 2016-04-22 14:56:44 -0400, Stephen Frost wrote:
> The idea we came up with is to have a pg_replication default role which
> essentially replaces the REPLICATION role attribute. Andres didn't see
> it as being terribly valuable to disallow a role with the REPLICATION
> attribute from logging into the database directly, if it's allowed to do
> so by pg_hba.conf.
Not just not useful, but rather an anti-feature.
> Lastly, Andres felt that we could keep the syntax for
> setting/unsetting the role attribute and just convert those into
> GRANT/REVOKE statements for the pg_replication role. I'm not thrilled
> with that idea as it feels a bit unnecessary at this point, given the
> relatively few users of pg_logical_* functions by tools
Uh, that's not just about the pg_logical_ functions. It's primarily
about scripts which setup a postgres cluster, including replicas. Those
will frequently (hopefully at least) include creating/altering a role to
have the replication flag set?
> Andres, please correct me if any of the above is incorrect.
Nothing but the above point stands out.
- Andres
