On Mon, Jan 24, 2011 at 17:52, Heikki Linnakangas <heikki.linnakan...@enterprisedb.com> wrote: > On 13.01.2011 23:32, Heikki Linnakangas wrote: >> >> Anyway, here's an updated patch with all the known issues fixed. > > Another updated patch. Fixed bitrot, and addressed the privilege issue > Fujii-san raised here: > http://archives.postgresql.org/message-id/4d380560.3040...@enterprisedb.com. > I changed the privilege checks so that pg_start/stop_backup() functions > require superuser privileges again, but not for a base backup via the > replication protocol (replication privilege is needed to establish a > replication connection to begin with).
I'm not entirely sure the replication privilege removal is correct. Doing that, it's no longer possible to deploy a slave *without* using pg_basebackup, unless you are superuser. Do we really want to put that restriction back in? (And if we do, the docs proably need an update...) I can't see an explicit check for the user ttempting to do pg_stop_backup() when there is a nonexclusive backup running? Maybe I'm reading it wrong? The case being when a user has started a backup with pg_basebackup but then connects and manually does a pg_stop_backup. ISTM it drops us ina codepath that just doesn't do the decrement, but also doesn't throw an error? -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
