From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Greg Stark <stark(at)mit(dot)edu>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com>, Abhijit Menon-Sen <ams(at)2ndquadrant(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, "Prabakaran, Vaishnavi" <vaishnavip(at)fast(dot)au(dot)fujitsu(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Jaime Casanova <jaime(at)2ndquadrant(dot)com> |
Subject: | Re: Providing catalog view to pg_hba.conf file - Patch submission |
Date: | 2015-03-16 16:29:53 |
Message-ID: | 20150316162953.GF3636@alvh.no-ip.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Robert Haas wrote:
> On Wed, Mar 11, 2015 at 1:32 PM, Greg Stark <stark(at)mit(dot)edu> wrote:
> > I think what we have here is already a good semantic representation. It
> > doesn't handle all the corner cases but those corner cases are a) very
> > unlikely and b) easy to check for. A tool can check for any users starting
> > with + or named "all" or any databases called "sameuser" or "samerole". If
> > they exist then the view isn't good enough to reconstruct the raw file. But
> > they're very unlikely to exist, I've never heard of anyone with such things
> > and can't imagine why someone would make them.
>
> -1. Like Peter, I think this is a bad plan. Somebody looking at the
> view should be able to understand with 100% confidence, and without
> additional parsing, what the semantics of the pg_hba.conf file are.
> Saying "those cases are unlikely so we're not going to handle them" is
> really selling ourselves short.
+1 what Robert said. I think the additional "keyword" columns are a
good solution to the issue.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Chengyu Fan | 2015-03-16 16:32:34 | How to create shared_ptr for PGconn? |
Previous Message | Andrew Dunstan | 2015-03-16 16:28:43 | Re: Allow "snapshot too old" error, to prevent bloat |