On Thu, Dec 23, 2010 at 23:44, Tom Lane <t...@sss.pgh.pa.us> wrote: > Josh Berkus <j...@agliodbs.com> writes: >> On 12/23/10 2:33 PM, Stephen Frost wrote: >>> A better alternative, imv, would be to just have a & d, and mention in >>> the release notes that users *should* create a dedicated replication >>> role which is *not* a superuser but *does* have the replication grant, >>> but if they don't want to change their existing configurations, they can >>> just grant the replication privilege to whatever role they're currently >>> using. > >> Well, if we really want people to change their behavior then we need to >> make it easy for them: > >> 1) have a replication permission >> 2) *by default* create a replication user with the replication >> permission when we initdb. > > Yeah, I could see doing that ... the entry would be wasted if you're not > doing any replication, but one wasted catalog entry isn't much. > > However, it'd be a real good idea for that role to be NOLOGIN if it's > there by default.
That shouldn't be too hard - I'll look at making the patch do that to make sure it *isn't* that hard ;) -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers