Give superusers REPLIACTION permission by default

This can be overriden by using NOREPLICATION on the CREATE ROLE
statement, but by default they will have it, making it backwards
compatible and "less surprising" (given that superusers normally
override all checks).

Author: mhagander

doc/src/sgml/high-availability.sgml

@@ -805,9 +805,9 @@ archive_cleanup_command = 'pg_archivecleanup /path/to/archive %r'
     <note>
      <para>
       It is recommended that a dedicated user account is used for replication.
-      While it is possible to add  the <literal>REPLICATION</> privilege to
-      a superuser account for the purporses of replication, this is not
-      recommended. While <literal>REPLICATION</> privilege gives very high
+      While the <literal>REPLICATION</> privilege is granted to superuser
+      accounts by default, it is not recommended to use superuser accounts
+      for replication. While <literal>REPLICATION</> privilege gives very high
       permissions, it does not allow the user to modify any data on the
       primary system, which the <literal>SUPERUSER</> privilege does.
      </para>

doc/src/sgml/ref/create_role.sgml

@@ -185,7 +185,8 @@ CREATE ROLE <replaceable class="PARAMETER">name</replaceable> [ [ WITH ] <replac
         A role having the <literal>REPLICATION</> attribute is a very
         highly privileged role, and should only be used on roles actually
         used for replication. If not specified,
-        <literal>NOREPLICATION</literal> is the default.
+        <literal>NOREPLICATION</literal> is the default for all roles except
+        superusers.
        </para>
       </listitem>
      </varlistentry>

doc/src/sgml/user-manag.sgml

@@ -175,7 +175,11 @@ CREATE USER <replaceable>name</replaceable>;
         to do most of your work as a role that is not a superuser.
         To create a new database superuser, use <literal>CREATE ROLE
         <replaceable>name</replaceable> SUPERUSER</literal>.  You must do
-        this as a role that is already a superuser.
+        this as a role that is already a superuser. Creating a superuser
+        will by default also grant permissions to initiate streaming
+        replication. For increased security this can be disallowed using
+        <literal>CREATE ROLE <replaceable>name</replaceable> SUPERUSER
+        NOREPLICATION</literal>.
        </para>
       </listitem>
      </varlistentry>
@@ -214,9 +218,8 @@ CREATE USER <replaceable>name</replaceable>;
       <listitem>
        <para>
         A role must explicitly be given permission to initiate streaming
-        replication (superusers do not bypass this check). A role used
-        for streaming replication must always have <literal>LOGIN</>
-        permission as well. To create such a role, use
+        replication. A role used for streaming replication must always
+        have <literal>LOGIN</> permission as well. To create such a role, use
         <literal>CREATE ROLE <replaceable>name</replaceable> REPLICATION
         LOGIN</literal>.
        </para>

src/backend/commands/user.c

@@ -248,7 +248,15 @@ CreateRole(CreateRoleStmt *stmt)
 	if (dpassword && dpassword->arg)
 		password = strVal(dpassword->arg);
 	if (dissuper)
+	{
 		issuper = intVal(dissuper->arg) != 0;
+		/*
+		 * Superusers get replication by default, but only if
+		 * NOREPLICATION wasn't explicitly mentioned
+		 */
+		if (!(disreplication && intVal(disreplication->arg) == 0))
+			isreplication = 1;
+	}
 	if (dinherit)
 		inherit = intVal(dinherit->arg) != 0;
 	if (dcreaterole)

src/include/catalog/catversion.h

@@ -53,6 +53,6 @@
  */
 
 /*							yyyymmddN */
-#define CATALOG_VERSION_NO	201101031
+#define CATALOG_VERSION_NO	201101051
 
 #endif

src/include/catalog/pg_authid.h

@@ -93,7 +93,7 @@ typedef FormData_pg_authid *Form_pg_authid;
  * user choices.
  * ----------------
  */
-DATA(insert OID = 10 ( "POSTGRES" t t t t t t f -1 _null_ _null_ ));
+DATA(insert OID = 10 ( "POSTGRES" t t t t t t t -1 _null_ _null_ ));
 
 #define BOOTSTRAP_SUPERUSERID 10