Re: Thoughts on pg_hba.conf rejection

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us>, Aidan Van Dyk <aidan(at)highrise(dot)ca>, Joshua Tolley <eggyknap(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Thoughts on pg_hba.conf rejection
Date: 2010-04-19 21:51:20
Message-ID: s2p603c8f071004191451l644984b1kb576b3cef6699c92@mail.gmail.com
Lists: pgsql-hackers

On Mon, Apr 19, 2010 at 5:12 PM, Alvaro Herrera
<alvherre(at)commandprompt(dot)com> wrote:
> Robert Haas wrote:
>> On Mon, Apr 19, 2010 at 5:04 PM, Alvaro Herrera
>> <alvherre(at)commandprompt(dot)com> wrote:
>> > Robert Haas wrote:
>> >> On Mon, Apr 19, 2010 at 4:30 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> >
>> >> > The only way I can think of to improve that without going back to flat
>> >> > files would be to develop a way for backends to switch databases after
>> >> > initial startup, so that auth could be done in a predetermined database
>> >> > (say, "postgres") before switching to the requested DB.  This has enough
>> >> > potential gotchas, in regards to catalog caching for instance, that I'm
>> >> > not eager to go there.
>> >>
>> >> Would it be possible to set up a skeleton environment where we can
>> >> access shared catalogs only and then decide on which database we're
>> >> using later?
>> >
>> > Eh?  We already do that ... In fact the autovac launcher is always
>> > connected to shared catalogs, without being connected to any one
>> > database in particular (cf. get_database_list)
>>
>> Oh.  Then I'm confused.  Tom said: "as of 9.0, it's necessary to
>> connect to some database in order to proceed with auth checking".  Why
>> is that necessary, if we can access shared catalogs without it?
>
> Hmm, yeah, why did he say that?  Maybe the order of operations during
> startup is such that we only do auth checking after connecting to a
> database for some reason.
>
> Whatever it is, I don't think a badly worded error message is enough
> grounds for fooling with this at this time of release process, though.
> To be discussed for 9.1?

I'm not proposing to fix the issue right now; but I wanted to try to
understand it while it's fresh in my mind. I'm still not seeing the
issue for some reason.

...Robert
