| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Josh Berkus <josh(at)agliodbs(dot)com>, Gregory Stark <stark(at)enterprisedb(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Parsing of pg_hba.conf and authentication inconsistencies |
| Date: | 2008-08-14 11:17:17 |
| Message-ID: | 48A4143D.3040303@hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander wrote:
[about the ability to use different maps for ident auth, gss and krb
auth for example]
>>>> It wouldn't be very easy/clean to do that w/o breaking the existing
>>>> structure of pg_ident though, which makes me feel like using seperate
>>>> files is probably the way to go.
Actually, I may have to take that back. We already have support for
multiple maps in the ident file, I'm not really sure anymore of the case
where this wouldn't be enough :-)
That said, I still think we want to parse pg_hba in the postmaster,
because it allows us to not load known broken files, and show errors
when you actually change the file etc. ;-)
I did code up a POC patch for it, and it's not particularly hard to do.
Mostly it's just moving the codepath from the backend to the postmaster.
I'll clean it up a but and post it, just so ppl can see what it looks
like...
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2008-08-14 11:35:33 | Re: benchmark farm |
| Previous Message | Jan Urbański | 2008-08-14 11:02:15 | Re: gsoc, oprrest function for text search take 2 |