| From: | Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com> |
|---|---|
| To: | Fujii Masao <masao(dot)fujii(at)gmail(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: REPLICATION privilege and shutdown |
| Date: | 2011-01-20 09:50:24 |
| Message-ID: | 4D380560.3040400@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 20.01.2011 11:41, Fujii Masao wrote:
> Hi,
>
> Both the user with REPLICATION privilege and the superuser can
> call pg_stop_backup. But only superuser can connect to the server
> to cancel online backup during shutdown. The non-superuser with
> REPLICATION privilege cannot. Is this behavior intentional? Or just
> oversight?
I think we need to consider the situation after the "multiple streaming
base backups" patch goes in. After that we can change pg_stop_backup()
so that you need superuser privileges to run it again - replication
privileges is enough to do a streaming base backup, but that no longer
interferes with the pg_start/stop_backup() admin functions.
At the moment, a streaming base backup and manual pg_start/stop_backup()
use the same machinery, so it's possible e.g to run pg_stop_backup()
while a streaming base backup is running, causing it to fail at the end.
Or worse, you can run pg_stop_backup()+pg_start_backup(), and the
streaming base backup will seemingly succeed, but the produced backup is
potentially corrupt.
The multiple base backups patch will fix that too.
--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2011-01-20 09:54:48 | Re: REPLICATION privilege and shutdown |
| Previous Message | Fujii Masao | 2011-01-20 09:41:02 | REPLICATION privilege and shutdown |