| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Magnus Hagander <magnus(at)hagander(dot)net>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Date: | 2008-08-02 17:20:22 |
| Message-ID: | 48949756.9030701@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Alvaro Herrera wrote:
> Tom Lane wrote:
>
>> Idle thought: maybe what would really make sense here is a "lint"
>> for PG config files, which you'd run as a standalone program and
>> which would look for not only clear errors but questionable things
>> to warn about. For instance it might notice multiple pg_hba.conf
>> entries for the same IP addresses, check whether an LDAP server
>> can be connected to, check that all user/group/database names
>> used in the file actually exist, etc. These are things that we'd
>> certainly not put into any load- or reload-time tests.
>
> I like this idea.
>
> postgres --check-hba-file /path/to/hba.conf
> postgres --check-conf-file /path/to/postgresql.conf
>
> (I think it's better to reuse the same postmaster executable, because
> that way it's easier to have the same parsing routines.)
Change that to pg_ctl and you have a deal :)
Joshua D. Drake
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua D. Drake | 2008-08-02 17:21:53 | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Previous Message | Tom Lane | 2008-08-02 17:04:38 | Re: Parsing of pg_hba.conf and authentication inconsistencies |