让 PostgreSQL BDR 在没有超级用户(postgres 用户)权限的情况下工作?
[英]Make PostgreSQL BDR work without superuser (postgres user) privileges?
问题描述
We're switching from MongoDB to Postgres at work, and I'm setting up a BDR group.
我们在工作中从 MongoDB 切换到 Postgres,我正在建立一个 BDR 组。
At this step I'm looking at security and locking down where possible.在这一步,我正在考虑安全性并在可能的情况下锁定。 Hence, I was hoping to set up a replication user (role) and let BDR use that for its replication stuff.因此,我希望设置一个replication用户(角色)并让 BDR 将其用于其复制内容。 I already had the group happily running when using either trusted connections or the postgres user for authentication.在使用受信任的连接或postgres用户进行身份验证时,我已经让该组愉快地运行。 Neither seems 100% secure to me, and I particularly don't like how the postgres user's password would appear in clear text in the DSN connections strings in bdr.bdr_nodes .对我来说,两者似乎都不是 100% 安全的,我特别不喜欢 postgres 用户的密码如何以明文形式出现在bdr.bdr_nodes的 DSN 连接字符串中。 So I tried using this replication user instead.所以我尝试改用这个replication用户。
That is, eg in pg_hba.conf :也就是说,例如在pg_hba.conf :
hostssl appdb,replication replication 172.17.1.2 md5
And the matching DSN connection string,和匹配的 DSN 连接字符串,
host=172.17.1.1 dbname=appdb user=replication password=secret
Problem with this approach is illustrated by the following error when issuing bdr.bdr_group_create :发出bdr.bdr_group_create时出现以下错误说明此方法的问题:
ERROR: local dsn does not have superuser rights
DETAIL: The dsn 'host=172.17.1.1 dbname=appdb user=replication password=secret' connects successfully but does not grant superuser rights
And this is where I'm a bit puzzled.这就是我有点困惑的地方。 Does BDR really need superuser rights for replication? BDR 真的需要超级用户权限进行复制吗? Or can I grant specific privileges to my replication role that'll allow it to do its business without being all-powerful?或者我是否可以为我的replication角色授予特定的权限,使其能够在不全能的情况下开展业务?
Maybe it's just me being paranoid, but I feel that the postgres user should only be used for sysadmin stuff, and that the password to it most definitely shouldn't appear in a table in a cleartext DSN connection string, even if you require special privileges to read from said table.也许只是我偏执,但我觉得postgres用户应该只用于系统管理员的东西,并且它的密码绝对不应该出现在明文 DSN 连接字符串的表中,即使您需要特殊权限从所述表中读取。
1 个解决方案
解决方案1
2 已采纳 2015-09-02 07:22:54
At this time you can't use BDR without a superuser connection for replication.此时,您不能在没有超级用户连接的情况下使用 BDR 进行复制。 It's required by logical decoding.它是逻辑解码所必需的。 We're hoping to address that in the 9.6 edition of BDR.我们希望在 9.6 版的 BDR 中解决这个问题。
Please think very carefully about whether you truly need multi-master before going down this path.请仔细担心自己是否真正之前走这条路需要多主认为。 Are you sure an active/standby setup, with read replicas, isn't sufficient for your needs?您确定带有只读副本的活动/备用设置不足以满足您的需求吗? Please read the manual section on BDR's limitations and the additional application development considerations carefully.请仔细阅读有关 BDR 限制和其他应用程序开发注意事项的手册部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.