| From: | Christopher Browne <cbbrowne(at)cbbrowne(dot)com> |
|---|---|
| To: | Þórhallur Hálfdánarson <tolli(at)tol(dot)li> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Scheduled jobs |
| Date: | 2003-05-13 20:35:28 |
| Message-ID: | 20030513203528.1B37C33AE8@cbbrowne.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tolli wrote:
> -*- Andrew Sullivan <andrew(at)libertyrms(dot)info> [ 2003-05-13 14:42 ]:
> > On Tue, May 13, 2003 at 01:33:25PM +0000, ??rhallur H?lfd?narson wrote:
> > > The suggestion on using ident was to eliminate the need for storing
> > > passwords in the first place...
> >
> > But how are you going to let them run scheduled jobs inside the
> > postmaster if they can't be authenticated, then? You either have to
> > use .pgpass, user kerberos, or use ident; nothing else is safe in the
> > context you're discussing. I don't understand the problem.
> I was simply pointing out some scenarios when scheduled jobs are
> nice. :-)
"Nice" does not dictate "Someone should be responsible for the
implementation."
In the old fable about the mice and the cat, it would sure be "nice" if
they could put a bell on the cat so the mice could hear the cat coming.
But in the fable, none of the mice were prepared to risk life and limb
getting the bell put onto the cat.
In this case, the fact that you'd like a scheduler does not imply that
anyone will want to take the job on.
> I believe you have to be authenticated to *create* jobs... and would
> probably run as the owner, if it gets implemented.
No, these "jobs" would run as the "postgres" user. (Or whatever user
it is that the PostgreSQL server runs as.)
And there enters a *big* whack of complexity, particularly if that
isn't the right answer.
It rapidly turns into a *very* complex system that, even with MS-SQL
and Oracle, isn't really part of the database. Why is it complex?
Because of the need to be able to change user roles to different
system users, which is inherently system-dependent (e.g. - very
different between Unix and Windows) and *highly* security-sensitive.
I agree with the thoughts that it would be a slick idea to come up
with a way of having PostgreSQL be the "data store" for some outside
scheduling tool. You likely won't have something that anyone will
have compete with Cron or Maestro or [whatever they call the Windows
'scheduler'], but it could be useful to those that care. And by
keeping it separate, those of us that don't care don't get a bloated
system.
--
(reverse (concatenate 'string "gro.gultn@" "enworbbc"))
http://www3.sympatico.ca/cbbrowne/spreadsheets.html
Think of C++ as an object-oriented assembly language.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Browne | 2003-05-13 20:35:40 | Re: Scheduled jobs |
| Previous Message | Tom Lane | 2003-05-13 20:16:10 | Re: How are null's stored? |