Re: [HACKERS] Enabling replication connections by default in pg_hba.conf - Mailing list pgsql-hackers

From Magnus Hagander
Subject Re: [HACKERS] Enabling replication connections by default in pg_hba.conf
Date
Msg-id CABUevEwNy8QKjtx32pRHb7q5ifhY_ReQj4EviW-g4M3vQ-ipOg@mail.gmail.com
In response to Re: [HACKERS] Enabling replication connections by default in pg_hba.conf  (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
Responses Re: [HACKERS] Enabling replication connections by default in pg_hba.conf  (Michael Paquier <michael.paquier@gmail.com>)
List pgsql-hackers
On Thursday, March 2, 2017, Peter Eisentraut <peter.eisentraut@2ndquadrant.com> wrote:
> On 2/3/17 17:47, Michael Paquier wrote:
> > On Fri, Feb 3, 2017 at 4:59 AM, Simon Riggs <simon@2ndquadrant.com> wrote:
> >>> It's weirdly inconsistent now.  You need a "replication" line in
> >>> pg_hba.conf to connect for logical decoding, but you can't restrict that
> >>> to a specific database because the database column in pg_hba.conf is
> >>> occupied by the "replication" key word.
> >> Agreed. Change needed.
> > That sounds really appealing indeed after thinking about its
> > implications. So we would simply authorize a WAL sender sending
> > "replication" to connect if the user name matches. That's in short
> > check_db() in hba.c.
>
> In
> <https://www.postgresql.org/message-id/7a33990f-75b1-5a4f-e7c0-223e15b84c11@2ndquadrant.com>
> patch 0006 it is proposed to no longer use the "replication" keyword in
> pg_hba.conf for logical replication and use the normal database entries
> instead.
>
> However, I don't think we can reasonably get rid of the replication
> keyword for physical replication.  Say if you have a pg_hba.conf like
>
> host  db1  someusers  ...
> host  db2  someusers  ...
> host  db3  someusers  ...
>
> how would you decide access for physical replication?  Since physical
> replication is not to a database, you need a way to call it out
> separately if your pg_hba.conf style is to enumerate databases.

That's the reason we created the "replication" keyword in the first place, isn't it? I think it makes sense to keep that, but it also makes sense to not use it for logical.

> What we could do to make things simpler is to include "replication" in
> the "all" keyword.

The downside of that is that if somebody isn't reading the release notes carefully, or just applying some templates from their Puppet or Chef or whatnot, they may end up opening their database up for replication for users and IP addresses they did not intend to. (For users it's probably not an issue thanks to the replication privilege at the user level, but for IP addresses it definitely is.)

//Magnus
 


--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/
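
The exposure discussed above can be checked against an existing pg_hba.conf before any such change in semantics. The following is an added example, not part of the original message or of PostgreSQL: it compares the first matching record for a physical replication connection under the current rule ("all" does not cover replication) and under the hypothetical rule where it does. The sample file, the role name `repl` (assumed to hold the replication privilege) and the function names are constructed; only CIDR addresses and plain user names are handled.

```python
import ipaddress

# Constructed sample, in the style of a config-management template.
SAMPLE_HBA = """\
# TYPE  DATABASE     USER       ADDRESS          METHOD
local   all          all                         peer
host    replication  repl       192.0.2.10/32    md5
host    db1          someusers  10.0.0.0/8       md5
host    all          all        10.0.0.0/8       md5
"""

def parse_hba(text):
    """Return host-type records as (line_no, databases, users, network, method)."""
    records = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 5 or not fields[0].startswith("host"):
            continue  # blank line, comment, or "local" (no address column)
        _, dbs, users, addr, method = fields[:5]
        records.append((no, dbs.split(","), users.split(","),
                        ipaddress.ip_network(addr), method))
    return records

def first_match(records, user, client_ip, all_includes_replication):
    """First record a physical replication connection hits, or None."""
    ip = ipaddress.ip_address(client_ip)
    for no, dbs, users, net, method in records:
        db_ok = "replication" in dbs or (all_includes_replication and "all" in dbs)
        user_ok = "all" in users or user in users
        if db_ok and user_ok and ip in net:
            return no, method
    return None

def newly_exposed(records, user, client_ips):
    """IPs with no matching record today that would reach authentication
    if "all" also covered replication (hypothetical semantics)."""
    exposed = []
    for ip in client_ips:
        today = first_match(records, user, ip, False)
        proposed = first_match(records, user, ip, True)
        if today is None and proposed and proposed[1] != "reject":
            exposed.append((ip, proposed))
    return exposed

if __name__ == "__main__":
    recs = parse_hba(SAMPLE_HBA)
    for ip, (no, method) in newly_exposed(recs, "repl", ["192.0.2.10", "10.1.2.3", "198.51.100.7"]):
        print(f"{ip}: would match line {no} ({method})")
```

Because pg_hba.conf uses the first matching record, an explicit `replication` line placed earlier in the file keeps deciding the outcome for the addresses it covers; only addresses that match no `replication` record today show up as newly exposed.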
