From 1996b482859c67726e77b80a263d3cce954e022d Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Mon, 3 Jan 2011 12:00:09 +0100
Subject: [PATCH] Add missing part of replication role docs

Noted by Peter E.
---
 doc/src/sgml/user-manag.sgml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/doc/src/sgml/user-manag.sgml b/doc/src/sgml/user-manag.sgml
index d4906907ec0..08b3fb7dc42 100644
--- a/doc/src/sgml/user-manag.sgml
+++ b/doc/src/sgml/user-manag.sgml
@@ -169,7 +169,8 @@ CREATE USER <replaceable>name</replaceable>;
       <term>superuser status<indexterm><primary>superuser</></></term>
       <listitem>
        <para>
-        A database superuser bypasses all permission checks.  This is a
+        A database superuser bypasses all permission checks, except the right
+        to log in or the right to initiate replication.  This is a
         dangerous privilege and should not be used carelessly; it is best
         to do most of your work as a role that is not a superuser.
         To create a new database superuser, use <literal>CREATE ROLE
@@ -208,6 +209,20 @@ CREATE USER <replaceable>name</replaceable>;
       </listitem>
      </varlistentry>
 
+     <varlistentry>
+      <term>initiating replication<indexterm><primary>role</><secondary>privilege to initiate replication</></></term>
+      <listitem>
+       <para>
+        A role must explicitly be given permission to initiate streaming
+        replication (superusers do not bypass this check). A role used
+        for streaming replication must always have <literal>LOGIN</>
+        permission as well. To create such a role, use
+        <literal>CREATE ROLE <replaceable>name</replaceable> REPLICATION
+        LOGIN</literal>.
+       </para>
+      </listitem>
+     </varlistentry>
+
      <varlistentry>
       <term>password<indexterm><primary>password</></></term>
       <listitem>
-- 
GitLab