More robust pg_hba.conf parsing/error logging

From: Rafael Martinez <r(dot)m(dot)guerrero(at)usit(dot)uio(dot)no>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: More robust pg_hba.conf parsing/error logging
Date: 2009-09-09 13:45:59
Message-ID: 4AA7B197.70002@usit.uio.no
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello

The origin of this petition is an error produced today by a user on one
of our systems. Because of this error many users lost access to their
databases.

Problem:
- --------
If you define in pg_hba.conf a database or a user value with 'ALL'
instead of 'all', you will lose access to *all* databases involved. The
reload process will not report anything about 'ALL' been an invalid
value and the new pg_hba.conf will be reloaded.

This is the only thing in the log file:
"LOG: received SIGHUP, reloading configuration files"

Solution:
- ---------
Or change internally all uppercase to lowercase so users can define
values in pg_hba.conf with uppercase characters.

Or throw an error saying 'ALL' is not a valid value and *not* reload the
pg_hba.conf file. This is already done if you use uppercase when you
define connection type or authentication method.

regards,
- --
Rafael Martinez, <r(dot)m(dot)guerrero(at)usit(dot)uio(dot)no>
Center for Information Technology Services
University of Oslo, Norway

PGP Public Key: http://folk.uio.no/rafael/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFKp7GVBhuKQurGihQRAhCZAJ9y5BhdWbrpJeW12g/rJ6yRfgubgACglYC3
wkG1cHESexmSZ48/Fc63vU4=
=a46y
-----END PGP SIGNATURE-----

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Pavel Stehule 2009-09-09 14:06:30 Re: RfD: more powerful "any" types
Previous Message Tom Lane 2009-09-09 13:39:49 Re: RfD: more powerful "any" types