Re: Recognizing superuser in pg_hba.conf

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Simon Riggs <simon(at)2ndquadrant(dot)com>, Vik Fearing <vik(dot)fearing(at)2ndquadrant(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>
Subject: Re: Recognizing superuser in pg_hba.conf
Date: 2020-01-09 15:17:18
Message-ID: 20200109151718.GQ3195@tamriel.snowman.net
Lists: pgsql-hackers

Greetings,

* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> What I'm basically objecting to is the pseudo-reservedness. If we
> don't want to dodge that with special syntax, we should dodge it
> by making sure the keywords are actually reserved names. In other
> words, add a "pg_" prefix, as somebody else suggested upthread.

Yes, that was my suggestion, and it was also my change a few major
versions ago that actually reserved the "pg_" prefix for roles.

> BTW, although that solution works for the immediate need of
> keywords that have to be distinguished from role names, it doesn't
> currently scale to keywords for the database column, because we
> don't treat "pg_" as a reserved prefix for database names:
>
> regression=# create role pg_zit;
> ERROR: role name "pg_zit" is reserved
> DETAIL: Role names starting with "pg_" are reserved.
> regression=# create database pg_zit;
> CREATE DATABASE
>
> Should we do so, or wait till there's an immediate need to?

I seem to recall (but it was years ago, so I might be wrong) advocating
that we should reserve the 'pg_' prefix for *all* object types. All I
can recall is that there wasn't much backing for the idea (though I also
don't recall any specific objection, and it's also quite possible that
there was simply no response to the idea).

For my 2c, I'd *much* rather we reserve it across the board, and sooner
than later, since that would hopefully reduce the impact on people. The
only justification for *not* reserving it is if we KNOW that we'll never
need a special one of those, but, well, we're well past that for
database names already- look at the fact that we've got a "replication"
one, for example. Maybe we can't ever un-reserve that, but I like the
idea of reserving "pg_" for database names and then having
"pg_replication" be allowed to mean replication connections and then
encouraging users to use that instead.

Thanks,

Stephen
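The pseudo-reserved database keywords discussed in this message can be audited in an existing pg_hba.conf. The following is an added example, not code from the thread or from PostgreSQL: it classifies each database-column entry as a keyword, a quoted keyword (which matches a database literally so named), a "pg_"-prefixed name that would collide if the prefix were reserved for databases, or an ordinary name. The function names and the sample file are constructed for illustration, and include-file (`@`) entries are not treated specially.

```python
import re

# Unquoted tokens that pg_hba.conf treats specially in the database column.
DB_KEYWORDS = {"all", "sameuser", "samerole", "samegroup", "replication"}
RECORD_TYPES = {"local", "host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

WS = re.compile(r"\s*")
FIELD = re.compile(r'(?:"[^"]*"|[^\s#"])+')   # one whitespace-delimited field
ITEM = re.compile(r'"([^"]*)"|([^,"]+)')      # one item of a comma-separated field

def fields(line):
    """Split a line into fields, honouring double quotes and '#' comments."""
    out, pos = [], 0
    while True:
        pos = WS.match(line, pos).end()
        if pos >= len(line) or line[pos] == "#":
            return out
        m = FIELD.match(line, pos)
        if not m:                              # unterminated quote: stop parsing
            return out
        out.append(m.group())
        pos = m.end()

def audit(text):
    """Return (line number, database entry, kind) for every rule in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        f = fields(line)
        if len(f) < 2 or f[0] not in RECORD_TYPES:
            continue
        for m in ITEM.finditer(f[1]):          # database is always the 2nd field
            quoted = m.group(1) is not None
            name = m.group(1) if quoted else m.group(2)
            if name in DB_KEYWORDS:
                # Quoting a keyword removes its special meaning.
                kind = "literal-keyword-name" if quoted else "keyword"
            elif name.startswith("pg_"):
                kind = "pg_-prefixed"
            else:
                kind = "name"
            findings.append((lineno, name, kind))
    return findings

# Constructed sample, not taken from any real system.
SAMPLE = """\
# TYPE  DATABASE        USER      ADDRESS        METHOD
local   all             postgres                 peer
host    replication     repl      10.0.0.0/8     scram-sha-256
host    "replication"   app       10.0.0.0/8     scram-sha-256
host    pg_zit,appdb    app       10.0.0.0/8     scram-sha-256  # comment
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```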
