| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pg_upgrade using appname to lock out other users |
| Date: | 2011-06-17 03:47:39 |
| Message-ID: | 201106170347.p5H3ldg18975@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas wrote:
> > We can pick different options for 9.0, 9.1, and 9.2. ?(For PG 9.0
> > probably only #1 is appropriate.)
>
> I don't like any of these options as well as what I already proposed.
> I proposed a complicated approach that actually fixes the problem for
> real; you're proposing a whole bunch of simpler approaches all of
> which have pretty obvious holes. We already have something that only
> sorta works; replacing it with a different system that only sorta
> works is not going to be a great leap forward.
What is your proposal? Write a password into a file that is read by the
postmaster on startup and used for connections? That would remove the
"modify pg_hba.conf to 'trust'" step, but again only for new servers.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2011-06-17 03:49:48 | Re: SSI work for 9.1 |
| Previous Message | Robert Haas | 2011-06-17 03:44:55 | Re: [HACKERS] Issues with generate_series using integer boundaries |