From: Bruce Momjian [mailto:pgman(at)candle(dot)pha(dot)pa(dot)us]
Sent: Sun 7/31/2005 4:39 AM
To: Dave Page
Cc: Tom Lane; Magnus Hagander; PostgreSQL-development
Subject: Remote administration functionality
> The idea of the patch was to give applications the full unix I/O
> capabilities, allowing them to program these functions into
> administration applications. I think the group generally would like a
> higher-level API that allows something like:
> SET GLOBAL log_statement = 'mod';
Sounds reasonable (and quite nice) for postgresql.conf, but consider pg_hba.conf. The production systems I run at work have heavily commented pg_hba.conf files, with entries that are intentionally ordered. As you know, unlike postgresql.conf, there is no fixed set of possible entries. How can we create a cleaner inteface for that, and be able to maintain annotations in the file in a way that works well when using tools and text editors at different times?
The best I have come up with is functions similar to:
SELECT pg_set_hba_line(20, 'hostssl all all 192.168.1.1/32 md5');
SELECT pg_add_hba_line(19, '# Allow global access for Dave''s test workstation');
However, there are a couple of things that concern me about doing it this way:
- It would make the client code much more complex as it would need to track each change the user makes individually, before applying the end result.
- It doesn't really give us a cleaner, less hackish interface and just seems like work for the sake of it.
I suppose we could just add functions like:
pg_read_hba_file() AS text;
Which would limit what the functions could be used for to their precisely intended purpose, without compromising flexibility.
> Given the confusion about the patch, I think we can give folks some time
> to work on any additional remote administration bulleted items while we
> clean out the patches queue.
Thank you - and my apologies if anyone thought my previous rant came across too srongly, or was unjustified.
pgsql-hackers by date
|Next:||From: Pavel Stehule||Date: 2005-07-31 09:16:22|
|Subject: Qustions about timestampz |
|Previous:||From: Andreas Pflug||Date: 2005-07-31 08:55:19|
|Subject: Re: Remote administration functionality|