Update Authors and version on README

Signed-off-by: Martín Marqués <martin.marques@enterprisedb.com>

.github/workflows/blackduck-scan.yml

@@ -1,99 +0,0 @@
-###
-# Foundation-security BlackDuck workflow
-# version: 2.1
-###
-name: Foundation-Security/Black Duck Scan
-
-on:
-  push:
-    tags:
-      - "**"
-  pull_request:
-    types: [opened, synchronize, reopened]
-    branches:
-      - "**"
-  schedule:
-    - cron: "0 3 * * *" # 3:00 AM UTC / 10PM EST
-  workflow_dispatch:
-    inputs:
-      scan-mode:
-        description: "BlackDuck Scan mode"
-        required: true
-        type: choice
-        options:
-          - RAPID
-          - INTELLIGENT
-        default: RAPID
-      ref:
-        description: "Branch to scan"
-        required: true
-
-jobs:
-  Blackduck-Scan:
-    runs-on: ubuntu-22.04
-    permissions:
-      id-token: write
-      contents: read
-    steps:
-      - name: Checkout source repository for dispatch runs
-        id: checkout-source-dispatch
-        if: github.event_name == 'workflow_dispatch'
-        uses: actions/checkout@v4
-        with:
-          repository: ${{ github.repository }}
-          ref: ${{ inputs.ref }}
-          path: source
-          token: ${{ secrets.GH_SLONIK }}
-
-      - name: Set project name and version for dispatch runs
-        id: set-project-name-and-version-dispatch
-        if: github.event_name == 'workflow_dispatch'
-        run: |
-          echo "PROJECT_NAME=${{ github.event.repository.name }}" >> "$GITHUB_ENV"
-          echo "PROJECT_VERSION=${{ inputs.ref }}" >> "$GITHUB_ENV"
-
-      - name: Checkout source repository for non-dispatch runs
-        id: checkout-source
-        if: github.event_name != 'workflow_dispatch'
-        uses: actions/checkout@v4
-        with:
-          repository: ${{ github.repository }}
-          ref: ${{ github.ref }}
-          path: source
-          token: ${{ secrets.GH_SLONIK }}
-
-      - name: Set project name and version for non-dispatch runs
-        id: set-project-name-and-version
-        if: github.event_name != 'workflow_dispatch'
-        run: |
-          echo "PROJECT_NAME=${{ github.event.repository.name }}" >> "$GITHUB_ENV"
-          echo "PROJECT_VERSION=${{ github.ref_name }}" >> "$GITHUB_ENV"
-
-      - name: Get short hash
-        shell: bash
-        if: ${{ inputs.scan-mode == 'INTELLIGENT' }}
-        run: |
-          cd source
-          echo "sha_short=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
-
-      - name: Checkout foundation-security repository
-        id: checkout-foundation-security
-        uses: actions/checkout@v4
-        with:
-          repository: EnterpriseDB/foundation-security
-          ref: v2
-          path: foundation-security
-          token: ${{secrets.GH_SLONIK}}
-
-      - name: BlackDuck Scan
-        id: call-bd-action
-        uses: ./foundation-security/actions/blackduck
-        with:
-          github-token: ${{ secrets.GH_SLONIK }}
-          cloudsmith-token: ${{ secrets.CLOUDSMITH_READ_ALL }}
-          commit-hash: ${{ env.sha_short }}
-          git-tag: ${{ github.tag }}
-          blackduck-url: ${{ vars.BD_URL }}
-          blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }}
-          project-name: ${{ env.PROJECT_NAME }}
-          project-version: ${{ env.PROJECT_VERSION }}

README.md

@@ -7,8 +7,8 @@ replication capabilities with utilities to set up standby servers, monitor
 replication, and perform administrative tasks such as failover or switchover
 operations.
 
-The most recent `repmgr` version (5.3.2) supports all PostgreSQL versions from
+The most recent `repmgr` version (5.4.1) supports all PostgreSQL versions from
-9.5 to 15. PostgreSQL 9.4 is also supported, with some restrictions.
+10 to 16.
 
 `repmgr` is distributed under the GNU GPL 3 and maintained by EnterpriseDB.
 
@@ -56,8 +56,6 @@ There is a mailing list/forum to discuss contributions or issues:
 
 * https://groups.google.com/group/repmgr
 
-The IRC channel #repmgr is registered with freenode.
-
 Please report bugs and other issues to:
 
 * https://github.com/EnterpriseDB/repmgr
@@ -69,6 +67,14 @@ news are always welcome.
 
 Thanks from the repmgr core team.
 
+* Ian Barwick
+* Israel Barth
+* Mario González
+* Martín Marqués
+* Gianni Ciolli
+
+Past contributors:
+
 * Jaime Casanova
 * Abhijit Menon-Sen
 * Simon Riggs

dbutils.c

@@ -1913,15 +1913,47 @@ can_disable_walsender(PGconn *conn)
 	if (is_superuser_connection(conn, NULL) == true)
 		return true;
 
-	/*
+	PQExpBufferData query;
-	 * As of PostgreSQL 14, it is not possible for a non-superuser
+	PGresult   *res;
-	 * to execute ALTER SYSTEM, so further checks are superfluous.
+	bool		has_alter_system_priv = false;
-	 * This will need modifying for PostgreSQL 15.
-	 */
-	log_warning(_("\"standby_disconnect_on_failover\" specified, but repmgr user is not a superuser"));
-	log_detail(_("superuser permission required to disable standbys on failover"));
 
-	return false;
+	/* GRANT ALTER SYSTEM available from PostgreSQL 15 */
+	if (PQserverVersion(conn) >= 150000)
+	{
+		initPQExpBuffer(&query);
+		appendPQExpBufferStr(&query,
+						" SELECT pg_catalog.has_parameter_privilege('wal_retrieve_retry_interval', 'ALTER SYSTEM') ");
+
+		res = PQexec(conn, query.data);
+
+		if (PQresultStatus(res) != PGRES_TUPLES_OK)
+		{
+			log_db_error(conn, query.data,
+					_("can_disable_walsender(): unable to query user parameter privileges"));
+		}
+		else
+		{
+			has_alter_system_priv = atobool(PQgetvalue(res, 0, 0));
+		}
+		termPQExpBuffer(&query);
+		PQclear(res);
+	}
+
+	if (has_alter_system_priv == false)
+	{
+		log_warning(_("\"standby_disconnect_on_failover\" specified, but repmgr user is not authorized to perform ALTER SYSTEM wal_retrieve_retry_interval"));
+
+		if (PQserverVersion(conn) >= 150000)
+		{
+			log_detail(_("superuser or ALTER SYSTEM wal_retrieve_retry_interval permission required to disable standbys on failover"));
+		}
+		else
+		{
+			log_detail(_("superuser permission required to disable standbys on failover"));
+		}
+	}
+
+	return has_alter_system_priv;
 }
 
 /*

doc/configuration-permissions.xml

@@ -159,8 +159,10 @@
             <simpara>
               The <command>ALTER SYSTEM</command> is executed by &repmgrd; if
               <varname>standby_disconnect_on_failover</varname> is set to <literal>true</literal> in
-              <filename>repmgr.conf</filename>. <command>ALTER SYSTEM</command> can only be executed by
+              <filename>repmgr.conf</filename>. Until PostgreSQL 14 <command>ALTER SYSTEM</command> can only be executed by
               a superuser; if the &repmgr; user is not a superuser, this functionality will not be available.
+              From PostgreSQL 15 a specific ALTER SYSTEM privilege can be granted with e.g.
+              <command>GRANT ALTER SYSTEM ON PARAMETER wal_retrieve_retry_interval TO repmgr</command>.
             </simpara>
           </listitem>
         </itemizedlist>

doc/repmgrd-automatic-failover.xml

@@ -279,7 +279,9 @@
   <note>
     <para>
       <option>standby_disconnect_on_failover</option> is available with PostgreSQL 9.5 and later.
-      Additionally this requires that the <literal>repmgr</literal> database user is a superuser.
+      Until PostgreSQL 14 this requires that the <literal>repmgr</literal> database user is a superuser.
+      From PostgreSQL 15 a specific ALTER SYSTEM privilege can be granted to the <literal>repmgr</literal> database
+      user with e.g. <command>GRANT ALTER SYSTEM ON PARAMETER wal_retrieve_retry_interval TO repmgr</command>.
     </para>
   </note>
   <para>

repmgr.conf.sample

@@ -340,7 +340,9 @@ ssh_options='-q -o ConnectTimeout=10'	# Options to append to "ssh"
 #repmgrd_exit_on_inactive_node=false	# If "true", and the node record is marked as "inactive", abort repmgrd startup
 #standby_disconnect_on_failover=false	# If "true", in a failover situation wait for all standbys to
 					# disconnect their WAL receivers before electing a new primary
-					# (PostgreSQL 9.5 and later only; repmgr user must be a superuser for this)
+					# Can be true in PostgreSQL 9.5 and later only. Until PostgreSQL 14 repmgr user must be a superuser to use this.
+					# From PostgreSQL 15 repmgr must be a superuser or have 'ALTER SYSTEM wal_retrieve_retry_interval' privilege.
+					# (see: https://repmgr.org/docs/current/repmgrd-standby-disconnection-on-failover.html )
 #sibling_nodes_disconnect_timeout=30	# If "standby_disconnect_on_failover" is true, the maximum length of time
 					#  (in seconds) to wait for other standbys to confirm they have disconnected their
 					# WAL receivers