|The PostgreSQL 9.0 Reference Manual - Volume 3 - Server Administration Guide
by The PostgreSQL Global Development Group
Paperback (6"x9"), 274 pages
RRP £9.95 ($14.95)
Sales of this book support the PostgreSQL project! Get a printed copy>>>
It is very important that the access privileges for replication be set up
so that only trusted users can read the WAL stream, because it is
easy to extract privileged information from it. Standby servers must
authenticate to the primary as a superuser account.
So a role with the
privileges needs to be created on the primary.
Client authentication for replication is controlled by a
‘pg_hba.conf’ record specifying
replication in the
database field. For example, if the standby is running on
192.168.1.100 and the superuser's name for replication
foo, the administrator can add the following line to the
‘pg_hba.conf’ file on the primary:
# Allow the user "foo" from host 192.168.1.100 to connect to the primary # as a replication standby if the user's password is correctly supplied. # # TYPE DATABASE USER CIDR-ADDRESS METHOD host replication foo 192.168.1.100/32 md5
The host name and port number of the primary, connection user name,
and password are specified in the ‘recovery.conf’ file.
The password can also be set in the ‘~/.pgpass’ file on the
replication in the database
For example, if the primary is running on host IP
5432, the superuser's name for replication is
foo, and the password is
foopass, the administrator
can add the following line to the ‘recovery.conf’ file on the
# The standby connects to the primary that is running on host 192.168.1.50 # and port 5432 as the user "foo" whose password is "foopass". primary_conninfo = 'host=192.168.1.50 port=5432 user=foo password=foopass'
|ISBN 9781906966072||The PostgreSQL 9.0 Reference Manual - Volume 3 - Server Administration Guide||See the print edition|