Re: Allow file inclusion in pg_hba and pg_ident files

From: Julien Rouhaud <rjuju123(at)gmail(dot)com>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Nathan Bossart <nathandbossart(at)gmail(dot)com>
Subject: Re: Allow file inclusion in pg_hba and pg_ident files
Date: 2022-11-24 09:07:24
Message-ID: 20221124090724.n7amf5kpdhx6vb76@jrouhaud
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers


On Thu, Nov 24, 2022 at 02:37:23PM +0800, Julien Rouhaud wrote:
> On Thu, Nov 24, 2022 at 02:07:21PM +0900, Michael Paquier wrote:
> > On Wed, Nov 23, 2022 at 03:56:50PM +0800, Julien Rouhaud wrote:
> > > The depth 0 is getting used quite a lot now, maybe we should have a define for
> > > it to make it easier to grep, like TOP_LEVEL_AUTH_FILE or something like that?
> > > And also add a define for the magical 10 for the max inclusion depth, for both
> > > auth files and GUC files while at it?
> >
> > Sounds like a good idea to me, and it seems to me that this had better
> > be unified between the GUCs (see ParseConfigFp() that hardcodes a
> > depth of 0) and hba.c. It looks like they could be added to
> > conffiles.h, as of CONF_FILE_START_{LEVEL,DEPTH} and
> > CONF_FILE_MAX_{LEVEL,DEPTH}. Would you like to send a patch?

So I went with CONF_FILE_START_DEPTH and CONF_FILE_MAX_DEPTH. Attached v22
that fixes it in all the places I found.

> > Now, to the tests..
> >
> > > Mmm, I haven't looked deeply so I'm not sure if the perl podules are aware of
> > > it or not, but maybe we could somehow detect the used delimiter at the
> > > beginning after normalizing the directory, and use a $DELIM rather than a plain
> > > "/"?
> >
> > I am not sure. Could you have a look and see if you can get the CI
> > back to green? The first thing I would test is to switch the error
> > patterns to be regexps based on the basenames rather than the full
> > paths (tweaking the queries on the system views to do htat), so as we
> > avoid all this business with slash and backslash transformations.

Apparently just making sure that the $node->data_dir consistently uses forward
slashes is enough to make the CI happy, for VS 2019 [1] and MinGW64 [2], so
done this way with an extra normalization step.


Attachment Content-Type Size
v22-0001-Introduce-macros-for-initial-maximum-depth-level.patch text/plain 5.7 KB
v22-0002-Add-regression-tests-for-file-inclusion-in-HBA-e.patch text/plain 23.9 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message David Rowley 2022-11-24 09:13:39 Re: Non-decimal integer literals
Previous Message Frédéric Yhuel 2022-11-24 08:52:28 Re: [PATCH] minor optimization for ineq_histogram_selectivity()