| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com>, Greg Stark <stark(at)mit(dot)edu> |
| Cc: | Abhijit Menon-Sen <ams(at)2ndquadrant(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, "Prabakaran, Vaishnavi" <vaishnavip(at)fast(dot)au(dot)fujitsu(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Jaime Casanova <jaime(at)2ndquadrant(dot)com> |
| Subject: | Re: Providing catalog view to pg_hba.conf file - Patch submission |
| Date: | 2015-03-04 21:41:24 |
| Message-ID: | 54F77C04.4060708@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 3/3/15 7:17 PM, Jim Nasby wrote:
> I think we're screwed in that regard anyway, because of the special
> constructs. You'd need different logic to handle things like +role and
> sameuser. We might even end up painted in a corner where we can't change
> it in the future because it'll break everyone's scripts.
Yeah, I'm getting worried about this. I think most people agree that
getting a peek at pg_hba.conf from within the server is useful, but
everyone seems to have quite different uses for it. Greg wants to join
against other catalog tables, Jim wants to reassemble a valid and
accurate pg_hba.conf, Josh wants to write an editing tool. Personally,
I'd like to see something as close to the actual file as possible.
If there were an obviously correct way to map the various special
constructs to the available SQL data types, then fine. But if there
isn't, then we shouldn't give a false overinterpretation. So I'd render
everything that's disputed as a plain text field. (Not even an array of
text.)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2015-03-04 21:45:12 | Re: New CF app deployment |
| Previous Message | Stephen Frost | 2015-03-04 21:19:00 | Re: MD5 authentication needs help |