Re: superusers are members of all roles?

Hi,

I've just recently upgraded to postgrsql 9.1 and also hit bug #5763.
Having +group not match all superusers is essential to be able to assign
different authentication backends to different superusers with needing
to edit configuration files on the radius host system. E.g. to be able
to authenticate some against ldap services and some against the password
stored in the database, so the superusers can opt into the central
authentication system if they want to. With the old postgresql version,
all user managers would only need postgresql tcp access, no access to
files or similar.

Could the different behaviour (superusers matching all/not all group
entries in hba.conf) perhaps become a configuration item?

Regards,M. Braun