File tree 3 files changed +17
-14
lines changed
3 files changed +17
-14
lines changed Original file line number Diff line number Diff line change @@ -827,12 +827,14 @@ archive_cleanup_command = 'pg_archivecleanup /path/to/archive %r'
827
827
It is very important that the access privileges for replication be set up
828
828
so that only trusted users can read the WAL stream, because it is
829
829
easy to extract privileged information from it. Standby servers must
830
- authenticate to the primary as a superuser or an account that has the
831
- <literal>REPLICATION</literal> privilege. It is recommended to create a
832
- dedicated user account with <literal>REPLICATION</literal> and <literal>LOGIN</literal>
833
- privileges for replication. While <literal>REPLICATION</literal> privilege gives
834
- very high permissions, it does not allow the user to modify any data on
835
- the primary system, which the <literal>SUPERUSER</literal> privilege does.
830
+ authenticate to the primary as an account that has the
831
+ <literal>REPLICATION</literal> privilege or a superuser. It is
832
+ recommended to create a dedicated user account with
833
+ <literal>REPLICATION</literal> and <literal>LOGIN</literal>
834
+ privileges for replication. While <literal>REPLICATION</literal>
835
+ privilege gives very high permissions, it does not allow the user to
836
+ modify any data on the primary system, which the
837
+ <literal>SUPERUSER</literal> privilege does.
836
838
</para>
837
839
838
840
<para>
Original file line number Diff line number Diff line change @@ -51,8 +51,8 @@ PostgreSQL documentation
51
51
<para>
52
52
The backup is made over a regular <productname>PostgreSQL</productname>
53
53
connection, and uses the replication protocol. The connection must be made
54
- with a superuser or a user having <literal>REPLICATION</literal>
55
- permissions (see <xref linkend="role-attributes"/>),
54
+ with a user having <literal>REPLICATION</literal> permissions
55
+ (see <xref linkend="role-attributes"/>) or a superuser ,
56
56
and <filename>pg_hba.conf</filename> must explicitly permit the replication
57
57
connection. The server must also be configured
58
58
with <xref linkend="guc-max-wal-senders"/> set high enough to leave at least
Original file line number Diff line number Diff line change @@ -68,12 +68,13 @@ PostgreSQL documentation
68
68
<para>
69
69
The write-ahead log is streamed over a regular
70
70
<productname>PostgreSQL</productname> connection and uses the replication
71
- protocol. The connection must be made with a superuser or a user
72
- having <literal>REPLICATION</literal> permissions (see
73
- <xref linkend="role-attributes"/>), and <filename>pg_hba.conf</filename>
74
- must permit the replication connection. The server must also be
75
- configured with <xref linkend="guc-max-wal-senders"/> set high enough to
76
- leave at least one session available for the stream.
71
+ protocol. The connection must be made with a user having
72
+ <literal>REPLICATION</literal> permissions (see
73
+ <xref linkend="role-attributes"/>) or a superuser, and
74
+ <filename>pg_hba.conf</filename> must permit the replication connection.
75
+ The server must also be configured with
76
+ <xref linkend="guc-max-wal-senders"/> set high enough to leave at least
77
+ one session available for the stream.
77
78
</para>
78
79
79
80
<para>
You can’t perform that action at this time.
0 commit comments