From: | Stef Walter <stef-list(at)memberwebs(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | pg_hba.conf: samehost and samenet |
Date: | 2009-08-13 22:50:35 |
Message-ID: | 20090813225034.068DC3039745@mx.npubs.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
I love using postgresql, and have for a long time. I'm involved with
almost a hundred postgresql installs. But this is the first time I've
gotten into the code.
Renumbering networks happens often, and will happen more frequently as
IPv4 space runs low. The IP based restrictions in pg_hba.conf is one of
the places where renumbering can break running installs. In addition
when postgresql is run in BSD jails, 127.0.0.1 is not available for use
in pg_hba.conf.
It would be great if, in the cidr-address field of pg_hba.conf, we could
specify "samehost" and "samenet". These special values use the local
hosts network interface addresses. "samehost" allows an IP assigned to
the local machine. "samenet" allows any host on the subnets connected to
the local machine.
This is similar to the "sameuser" value that's allowed in the database
field.
A change like this would enable admins like myself to distribute
postgresql with something like this in the default pg_hba.conf file:
host all all samenet md5
hostssl all all 0.0.0.0/0 md5
I've attached an initial patch which implements "samehost" and
"samenet". The patch looks more invasive than it really is, due to
necessary indentation change (ie: a if block), and moving some code into
a separate function.
Thanks for your time. How can I help get a feature like this into
postgresql?
Cheers,
Stef
Attachment | Content-Type | Size |
---|---|---|
postgres-hba-samenet-1.patch | text/x-diff | 18.2 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Jeff Davis | 2009-08-13 23:01:08 | Re: freezing tuples ( was: Why is vacuum_freeze_min_age 100m? ) |
Previous Message | Tom Lane | 2009-08-13 22:46:10 | Re: freezing tuples ( was: Why is vacuum_freeze_min_age 100m? ) |