On 11/03/2011 03:16 PM, Tom Lane wrote:
> Andrew Dunstan<andrew@dunslane.net> writes:
>> Do not treat a superuser as a member of every role for HBA purposes.
>> This makes it possible to use reject lines with group roles.
> As committed, this patch also changes the behavior of "samerole", but
> the doc update fails to reflect that.
>
>
I'm happy to update the docs if you think it's necessary. I think this
is desired behaviour, for the same reason as for named roles, namely
that you can add superusers to the list if necessary. I can't think of a
sane case where this would make a difference, but I'm happy to be
pedantic if you like.
cheers
andrew