Hello :-) I've set up Slony on a pair of test machines, and it worked as expected. This was done using database superusers across all parts of the configuration. I wanted to lower the privilege requirements, as was deemed possible in the Slony documentation, but I'm having trouble with that extra part of configuration. The section on security considerations < http://www.slony.info/documentation/2.2/security.html> reads:
> The Remote slon connection information is specified in the SLONIK STORE PATH command when adding paths. The slon daemon needs to connect to remote databases with sufficient permissions to: (...) > > Note that this role does not have any need to modify data; it purely involves SELECT access. So this seems to be the (only) place where I can use a less privileged user, and that seems helpful in the scenario where I run a slon instance on each node (instead of running all instances on the master node) — I wouldn't need to open superuser access to other hosts. However this piece of documentation above seems to contradict the documentation for STORE PATH <http://www.slony.info/documentation/2.2/stmtstorepath.html>: > The conninfo string must contain all information to connect to the database as the replication superuser. So I don't know if my understanding is not correct, or maybe if there's some problem with the documentation. I tried changing the connection parameters in several ways (directly in the slon daemon invocation, or in slon_tools.conf, or in STORE PATH…). But it seemed better than solve this by trial-and-error to come and ask if anyone has some more pointers on how can I set this up :-) Thanks in advance, Eduardo
_______________________________________________ Slony1-general mailing list Slony1-general@lists.slony.info http://lists.slony.info/mailman/listinfo/slony1-general
