| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com> |
| Cc: | VASUKI M <vasukianand0119(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, david(dot)g(dot)johnston(at)gmail(dot)com, Robert Haas <robertmhaas(at)gmail(dot)com>, myon(at)debian(dot)org |
| Subject: | Re: Custom oauth validator options |
| Date: | 2026-01-16 17:52:11 |
| Message-ID: | CAOYmi+kVCWCbf+yjmFSeddmqxgYTO5vU+CqwFq6EbpyLkpW=Bw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Jan 16, 2026 at 9:14 AM Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com> wrote:
> * A hba line can be completely generic, which should be above DATABASE
> (ALTER DATABASE setting should override HBA setting, as it is more
> specific)
I think settings in the database should override the ones from the
HBA, yes. So that would put PGC_S_HBA right between, what, _ARGV and
_GLOBAL?
> The first choice seems more logical to me, as that's how pg_hba is
> usually used, but I thought this could still be confusing.
I agree it could be, but is it any more confusing than if you were to
set work_mem in postgresql.conf today, and then `ALTER ROLE ALL SET
work_mem` to something completely different?
Usability improvements for that should be made GUC-wide, I think, and
not influence the chosen order of operations for this feature (as long
as there are no new security concerns). I don't want any project
veterans, whether DBAs or maintainers, to be surprised by how a new
GUC context behaves.
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2026-01-16 18:03:47 | Re: Parallel CREATE INDEX for GIN indexes |
| Previous Message | Zsolt Parragi | 2026-01-16 17:13:52 | Re: Custom oauth validator options |