Josh Berkus <josh@agliodbs.com> writes:
> On 12/23/10 2:33 PM, Stephen Frost wrote:
>> A better alternative, imv, would be to just have a & d, and mention in
>> the release notes that users *should* create a dedicated replication
>> role which is *not* a superuser but *does* have the replication grant,
>> but if they don't want to change their existing configurations, they can
>> just grant the replication privilege to whatever role they're currently
>> using.
> Well, if we really want people to change their behavior then we need to
> make it easy for them:
> 1) have a replication permission
> 2) *by default* create a replication user with the replication
> permission when we initdb.
Yeah, I could see doing that ... the entry would be wasted if you're not
doing any replication, but one wasted catalog entry isn't much.
However, it'd be a real good idea for that role to be NOLOGIN if it's
there by default.
regards, tom lane
