Re: REPLICATION privilege and shutdown

On Thu, Jan 20, 2011 at 10:50, Heikki Linnakangas
<heikki(dot)linnakangas(at)enterprisedb(dot)com> wrote:
> On 20.01.2011 11:41, Fujii Masao wrote:
>>
>> Hi,
>>
>> Both the user with REPLICATION privilege and the superuser can
>> call pg_stop_backup. But only superuser can connect to the server
>> to cancel online backup during shutdown. The non-superuser with
>> REPLICATION privilege cannot. Is this behavior intentional? Or just
>> oversight?
>
> I think we need to consider the situation after the "multiple streaming base
> backups" patch goes in. After that we can change pg_stop_backup() so that
> you need superuser privileges to run it again - replication privileges is
> enough to do a streaming base backup, but that no longer interferes with the
> pg_start/stop_backup() admin functions.
>
> At the moment, a streaming base backup and manual pg_start/stop_backup() use
> the same machinery, so it's possible e.g to run pg_stop_backup() while a
> streaming base backup is running, causing it to fail at the end. Or worse,
> you can run pg_stop_backup()+pg_start_backup(), and the streaming base
> backup will seemingly succeed, but the produced backup is potentially
> corrupt.
>
> The multiple base backups patch will fix that too.

Yeah; I've been avoiding to even think about that one pending the
multiple base backups, onthe assumption that it goes in before
release. If it doesn't, for some reason, that needs to be revisited,
obviously.

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/