rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change logical replication pg_hba.conf use 

Logical replication no longer uses the "replication" keyword.  It just
matches database entries in the normal way.  The "replication" keyword
now only applies to physical replication.

Reviewed-by: Petr Jelinek <petr.jelinek@2ndquadrant.com>
This commit is contained in:
Peter Eisentraut 2017-02-13 16:50:29 -05:00
parent 4cfc9484d4
commit 8df9bd0b44
3 changed files with 6 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/src/sgml/client-auth.sgml
View File

@ -193,7 +193,7 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
members of the role, directly or indirectly, and not just by members of the role, directly or indirectly, and not just by
virtue of being a superuser. virtue of being a superuser.
The value <literal>replication</> specifies that the record The value <literal>replication</> specifies that the record
matches if a replication connection is requested (note that matches if a physical replication connection is requested (note that
replication connections do not specify any particular database). replication connections do not specify any particular database).
Otherwise, this is the name of Otherwise, this is the name of
a specific <productname>PostgreSQL</productname> database. a specific <productname>PostgreSQL</productname> database.

8
doc/src/sgml/logical-replication.sgml
View File

@ -295,11 +295,9 @@
<title>Security</title> <title>Security</title>
<para> <para>
Logical replication connections occur in the same way as with physical streaming The role used for the replication connection must have
replication. It requires access to be explicitly given using the <literal>REPLICATION</literal> attribute. Access for the role must be
<filename>pg_hba.conf</filename>. The role used for the replication configured in <filename>pg_hba.conf</filename>.
connection must have the <literal>REPLICATION</literal> attribute. This
gives a role access to both logical and physical replication.
</para> </para>
<para> <para>

4
src/backend/libpq/hba.c
View File

@ -612,9 +612,9 @@ check_db(const char *dbname, const char *role, Oid roleid, List *tokens)
foreach(cell, tokens) foreach(cell, tokens)
{ {
tok = lfirst(cell); tok = lfirst(cell);
if (am_walsender) if (am_walsender && !am_db_walsender)
{ {
/* walsender connections can only match replication keyword */ /* physical replication walsender connections can only match replication keyword */
if (token_is_keyword(tok, "replication")) if (token_is_keyword(tok, "replication"))
return true; return true;
} }