Re: Adding usernames to pg_hba.conf

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Rod Taylor <rbt(at)zort(dot)ca>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: Adding usernames to pg_hba.conf
Date: 2002-03-19 16:15:22
Message-ID: 29414.1016554522@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> I have been thinking about it and I think one file in data/global/
> similar to pg_pwd will work.

Yeah, if you model it on the pg_shadow trigger then at least it's no worse
than it is now ;-). Note the checks that exist in the pg_shadow trigger
to require usernames not to contain any characters that would break the
file formatting; this will have to be done for groupnames now too.

Also note that (if you plan to write user names and not just user IDs)
an update of pg_shadow will need to force rewrite of the group file not
only the shadow file.

Thinking about that, I wonder why not stick to just one file: extend the
content of pg_pwd to include group membership info, and rewrite it when
either pg_shadow or pg_group changes.

regards, tom lane

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Yury Bokhoncovich 2002-03-19 16:17:55 Eurodates by default
Previous Message Bruce Momjian 2002-03-19 16:12:54 Re: [HACKERS] Fixes gram.y