| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Josh Berkus <josh(at)agliodbs(dot)com> |
| Cc: | Gregory Stark <stark(at)enterprisedb(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Date: | 2008-08-02 16:39:27 |
| Message-ID: | 48948DBF.2080401@hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Josh Berkus wrote:
> Magnus,
>
>> However it would be nice to throw an error or at least a warning when
>> parsing
>> the file instead of pretending everything's ok. Perhaps authentication
>> methods
>> should have a function to check whether the method is supported which is
>> called when the file is parsed.
>>
>
> The good way to solve this would be to have independant command line
> utilities which check pg_hba.conf, pg_ident.conf and postgresql.conf for
> errors. Then DBAs could run a check *before* restarting the server.
While clearly useful, it'd still leave the fairly large foot-gun that is
editing the hba file and HUPing things which can leave you with a
completely un-connectable database because of a small typo. The
difference in the "could run" vs "must run, thus runs automatically" part...
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-08-02 16:49:00 | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Previous Message | Magnus Hagander | 2008-08-02 16:37:25 | Re: Parsing of pg_hba.conf and authentication inconsistencies |