| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Date: | 2008-08-02 15:47:08 |
| Message-ID: | 20080802154708.GN4321@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Idle thought: maybe what would really make sense here is a "lint"
> for PG config files, which you'd run as a standalone program and
> which would look for not only clear errors but questionable things
> to warn about. For instance it might notice multiple pg_hba.conf
> entries for the same IP addresses, check whether an LDAP server
> can be connected to, check that all user/group/database names
> used in the file actually exist, etc. These are things that we'd
> certainly not put into any load- or reload-time tests.
I like this idea.
postgres --check-hba-file /path/to/hba.conf
postgres --check-conf-file /path/to/postgresql.conf
(I think it's better to reuse the same postmaster executable, because
that way it's easier to have the same parsing routines.)
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sushant Sinha | 2008-08-02 15:50:18 | Re: [GENERAL] Fragments in tsearch2 headline |
| Previous Message | Tom Lane | 2008-08-02 15:38:48 | Re: Parsing of pg_hba.conf and authentication inconsistencies |