Quick Links

Re: allow specifying direct role membership in pg_hba.conf

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc:	"Bossart, Nathan" <bossartn(at)amazon(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: allow specifying direct role membership in pg_hba.conf
Date:	2021-05-14 15:23:20
Message-ID:	1885152.1621005800@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> On 5/13/21 7:38 PM, Bossart, Nathan wrote:
>> I've attached a small patch that allows specifying only direct members
>> of a group in pg_hba.conf.

> Do we really want to be creating two classes of role membership?

Yeah, this seems to be going against the clear meaning of the
SQL spec. I realize you can argue that pg_hba.conf doesn't have
to follow the spec, but it doesn't seem like a terribly good idea
to interpret role membership differently in different places.

regards, tom lane

In response to

Re: allow specifying direct role membership in pg_hba.conf at 2021-05-14 12:11:07 from Andrew Dunstan

Responses

Re: allow specifying direct role membership in pg_hba.conf at 2021-05-14 19:00:01 from Stephen Frost

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2021-05-14 15:26:18	Re: alter subscription drop publication fixes
Previous Message	Bharath Rupireddy	2021-05-14 14:41:05	Re: alter subscription drop publication fixes