| From: | "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk> |
|---|---|
| To: | "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Magnus Hagander" <mha(at)sollentuna(dot)net>, "PostgreSQL-development" <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | Re: Remote administration functionality |
| Date: | 2005-07-31 09:11:16 |
| Message-ID: | E7F85A1B5FF8D44C8A1AF6885BC9A0E485078C@ratbert.vale-housing.co.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
-----Original Message-----
From: Bruce Momjian [mailto:pgman(at)candle(dot)pha(dot)pa(dot)us]
Sent: Sun 7/31/2005 4:39 AM
To: Dave Page
Cc: Tom Lane; Magnus Hagander; PostgreSQL-development
Subject: Remote administration functionality
> The idea of the patch was to give applications the full unix I/O
> capabilities, allowing them to program these functions into
> administration applications. I think the group generally would like a
> higher-level API that allows something like:
>
> SET GLOBAL log_statement = 'mod';
Sounds reasonable (and quite nice) for postgresql.conf, but consider pg_hba.conf. The production systems I run at work have heavily commented pg_hba.conf files, with entries that are intentionally ordered. As you know, unlike postgresql.conf, there is no fixed set of possible entries. How can we create a cleaner inteface for that, and be able to maintain annotations in the file in a way that works well when using tools and text editors at different times?
The best I have come up with is functions similar to:
SELECT pg_set_hba_line(20, 'hostssl all all 192.168.1.1/32 md5');
SELECT pg_add_hba_line(19, '# Allow global access for Dave''s test workstation');
SELECT pg_delete_hba_line(24);
However, there are a couple of things that concern me about doing it this way:
- It would make the client code much more complex as it would need to track each change the user makes individually, before applying the end result.
- It doesn't really give us a cleaner, less hackish interface and just seems like work for the sake of it.
I suppose we could just add functions like:
pg_write_hba_file('File contents'::text);
pg_read_hba_file() AS text;
Which would limit what the functions could be used for to their precisely intended purpose, without compromising flexibility.
> Given the confusion about the patch, I think we can give folks some time
> to work on any additional remote administration bulleted items while we
> clean out the patches queue.
Thank you - and my apologies if anyone thought my previous rant came across too srongly, or was unjustified.
Regards, Dave
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2005-07-31 09:16:22 | Qustions about timestampz |
| Previous Message | Andreas Pflug | 2005-07-31 08:55:19 | Re: Remote administration functionality |