Thread: REPLICATION privilege and shutdown
Hi, Both the user with REPLICATION privilege and the superuser can call pg_stop_backup. But only superuser can connect to the server to cancel online backup during shutdown. The non-superuser with REPLICATION privilege cannot. Is this behavior intentional? Or just oversight? Regards, -- Fujii Masao NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center
On 20.01.2011 11:41, Fujii Masao wrote: > Hi, > > Both the user with REPLICATION privilege and the superuser can > call pg_stop_backup. But only superuser can connect to the server > to cancel online backup during shutdown. The non-superuser with > REPLICATION privilege cannot. Is this behavior intentional? Or just > oversight? I think we need to consider the situation after the "multiple streaming base backups" patch goes in. After that we can change pg_stop_backup() so that you need superuser privileges to run it again - replication privileges is enough to do a streaming base backup, but that no longer interferes with the pg_start/stop_backup() admin functions. At the moment, a streaming base backup and manual pg_start/stop_backup() use the same machinery, so it's possible e.g to run pg_stop_backup() while a streaming base backup is running, causing it to fail at the end. Or worse, you can run pg_stop_backup()+pg_start_backup(), and the streaming base backup will seemingly succeed, but the produced backup is potentially corrupt. The multiple base backups patch will fix that too. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com
On Thu, Jan 20, 2011 at 10:50, Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> wrote: > On 20.01.2011 11:41, Fujii Masao wrote: >> >> Hi, >> >> Both the user with REPLICATION privilege and the superuser can >> call pg_stop_backup. But only superuser can connect to the server >> to cancel online backup during shutdown. The non-superuser with >> REPLICATION privilege cannot. Is this behavior intentional? Or just >> oversight? > > I think we need to consider the situation after the "multiple streaming base > backups" patch goes in. After that we can change pg_stop_backup() so that > you need superuser privileges to run it again - replication privileges is > enough to do a streaming base backup, but that no longer interferes with the > pg_start/stop_backup() admin functions. > > At the moment, a streaming base backup and manual pg_start/stop_backup() use > the same machinery, so it's possible e.g to run pg_stop_backup() while a > streaming base backup is running, causing it to fail at the end. Or worse, > you can run pg_stop_backup()+pg_start_backup(), and the streaming base > backup will seemingly succeed, but the produced backup is potentially > corrupt. > > The multiple base backups patch will fix that too. Yeah; I've been avoiding to even think about that one pending the multiple base backups, onthe assumption that it goes in before release. If it doesn't, for some reason, that needs to be revisited, obviously. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
On Thu, Jan 20, 2011 at 6:50 PM, Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> wrote: > I think we need to consider the situation after the "multiple streaming base > backups" patch goes in. After that we can change pg_stop_backup() so that > you need superuser privileges to run it again - replication privileges is > enough to do a streaming base backup, but that no longer interferes with the > pg_start/stop_backup() admin functions. Fair enough. > At the moment, a streaming base backup and manual pg_start/stop_backup() use > the same machinery, so it's possible e.g to run pg_stop_backup() while a > streaming base backup is running, causing it to fail at the end. Or worse, > you can run pg_stop_backup()+pg_start_backup(), and the streaming base > backup will seemingly succeed, but the produced backup is potentially > corrupt. > > The multiple base backups patch will fix that too. OK. BTW, I found this behavior when I read your patch ;) Regards, -- Fujii Masao NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center