Add REPLICATION privilege for ROLEs
This privilege is required to do Streaming Replication, instead of
superuser, making it possible to set up a SR slave that doesn't
have write permissions on the master.
Superuser privileges do NOT override this check, so in order to
use the default superuser account for replication it must be
explicitly granted the REPLICATION permissions. This is backwards
incompatible change, in the interest of higher default security.
Branch
------
master
Details
-------
http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=9b8aff8c192e2f313f90395d114c58a9ef84f97f
Modified Files
--------------
doc/src/sgml/catalogs.sgml | 11 ++++++++
doc/src/sgml/func.sgml | 4 +-
doc/src/sgml/high-availability.sgml | 27 ++++++++++++++-----
doc/src/sgml/ref/alter_role.sgml | 5 +++-
doc/src/sgml/ref/alter_user.sgml | 1 +
doc/src/sgml/ref/create_role.sgml | 16 ++++++++++++
doc/src/sgml/ref/create_user.sgml | 1 +
src/backend/access/transam/xlog.c | 8 +++---
src/backend/catalog/system_views.sql | 3 ++
src/backend/commands/user.c | 46 ++++++++++++++++++++++++++++++++++
src/backend/parser/gram.y | 20 ++++++++++++---
src/backend/utils/init/miscinit.c | 19 ++++++++++++++
src/backend/utils/init/postinit.c | 6 ++--
src/bin/pg_dump/pg_dumpall.c | 25 ++++++++++++++++--
src/bin/psql/describe.c | 8 ++++++
src/include/catalog/pg_authid.h | 12 +++++---
src/include/miscadmin.h | 1 +
src/include/parser/kwlist.h | 2 +
src/test/regress/expected/rules.out | 6 ++--
19 files changed, 189 insertions(+), 32 deletions(-)
