Thread: replication and pg_hba.conf

replication and pg_hba.conf

From

Magnus Hagander

Date:

16 January 2011, 13:08:49

In 9.0, we specifically require using "replication" as database name
to start a replication session. In 9.1 we will have the REPLICATION
attribute to a role - should we change it so that "all" in database
includes replication connections? It certainly goes in the "principle
of least surprise" path..

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Re: replication and pg_hba.conf

From

Tom Lane

Date:

16 January 2011, 15:25:47

Magnus Hagander <magnus@hagander.net> writes:
> In 9.0, we specifically require using "replication" as database name
> to start a replication session. In 9.1 we will have the REPLICATION
> attribute to a role - should we change it so that "all" in database
> includes replication connections? It certainly goes in the "principle
> of least surprise" path..

No, not at all.  If we had set things up so that roles with replication
bit could *only* do replication, it might be sensible to think about
that, but we didn't.
        regards, tom lane

Re: replication and pg_hba.conf

From

Josh Berkus

Date:

16 January 2011, 19:55:32

> In 9.0, we specifically require using "replication" as database name
> to start a replication session. In 9.1 we will have the REPLICATION
> attribute to a role - should we change it so that "all" in database
> includes replication connections? It certainly goes in the "principle
> of least surprise" path..

+1.  It'll eliminate an entire file to edit for replication setup, so
does a lot to make initial replication setup easier.

--                                  -- Josh Berkus                                    PostgreSQL Experts Inc.
                        http://www.pgexperts.com

Re: replication and pg_hba.conf

From

Heikki Linnakangas

Date:

17 January 2011, 05:45:10

On 16.01.2011 22:55, Josh Berkus wrote:
>
>> In 9.0, we specifically require using "replication" as database name
>> to start a replication session. In 9.1 we will have the REPLICATION
>> attribute to a role - should we change it so that "all" in database
>> includes replication connections? It certainly goes in the "principle
>> of least surprise" path..
>
> +1.  It'll eliminate an entire file to edit for replication setup, so
> does a lot to make initial replication setup easier.

No, we should by secure by default. You usually want to lock down 
tightly where replication connections can come from. You know the IP 
addresses of your standby servers, so it shouldn't be hard to

If "all" includes replication connections, that makes it harder to 
configure pg_hba.conf correctly so that you allow normal connections 
from anywhere, but only allow replication connections from a specific IP 
address. You'd need two lines, first one to accept replication 
connections from the standby, and a second one to reject them from 
anywhere else.

But I wonder if we should add lines in the default pg_hba.conf to 
"trust" replication connections from loopback, like we do for normal 
connections?

--   Heikki Linnakangas  EnterpriseDB   http://www.enterprisedb.com

Re: replication and pg_hba.conf

From

Magnus Hagander

Date:

17 January 2011, 05:48:06

On Mon, Jan 17, 2011 at 07:44, Heikki Linnakangas
<heikki.linnakangas@enterprisedb.com> wrote:
> On 16.01.2011 22:55, Josh Berkus wrote:
>>
>>> In 9.0, we specifically require using "replication" as database name
>>> to start a replication session. In 9.1 we will have the REPLICATION
>>> attribute to a role - should we change it so that "all" in database
>>> includes replication connections? It certainly goes in the "principle
>>> of least surprise" path..
>>
>> +1.  It'll eliminate an entire file to edit for replication setup, so
>> does a lot to make initial replication setup easier.
>
> No, we should by secure by default. You usually want to lock down tightly
> where replication connections can come from. You know the IP addresses of
> your standby servers, so it shouldn't be hard to
>
> If "all" includes replication connections, that makes it harder to configure
> pg_hba.conf correctly so that you allow normal connections from anywhere,
> but only allow replication connections from a specific IP address. You'd
> need two lines, first one to accept replication connections from the
> standby, and a second one to reject them from anywhere else.

Yeah, that's true.


> But I wonder if we should add lines in the default pg_hba.conf to "trust"
> replication connections from loopback, like we do for normal connections?

That wouldn't hurt. Or at least put a commented-out line with a
typical replication line.

I now it says so in the documentation that is the top comment, but
that's long enough that people don't read it, and then end up going
WTF when they realize it...

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Re: replication and pg_hba.conf

From

Robert Haas

Date:

17 January 2011, 10:54:04

On Jan 17, 2011, at 1:44 AM, Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> wrote:
> But I wonder if we should add lines in the default pg_hba.conf to "trust" replication connections from loopback, like
wedo for normal connections? 

Seems sorta pointless.

...Robert