Re: Open 7.3 items

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, Lamar Owen <lamar(dot)owen(at)wgcr(dot)org>, "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>, Ron Snyder <snyder(at)roguewave(dot)com>, Neil Conway <nconway(at)klamath(dot)dyndns(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Open 7.3 items
Date: 2002-08-14 19:32:15
Message-ID: 200208141932.g7EJWGu18201@candle.pha.pa.us

Tom Lane wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > Problem is that pg_shadow flat file _only_ has users with passwords. I
> > do a btree search of that file, but I am not sure I want to add a dump
> > of _all_ users just to allow this. Do we?
>
> Why not? Doesn't seem like a big penalty ...

Well, in most cases pg_pwd doesn't even get created unless someone has a
password. We would be creating that file in all cases, or at least in
all cases where db_user_namespace is set, and again, that is a SIGHUP
param, so you would need to make sure pg_pwd has the right contents if
it was enabled during a SIGHUP. Frankly, I would recommend a new file
that just contains user names and is always created.

We are basically heading down the road to complexity here.

In fact, pg_hba.conf is just a microcosm of how we are going to handle
pg_shadow matching. If we create dave(at)db1, then when dave tries to
connect to db1, he comes in as dave(at)db1, but when he goes to connect to
db2, if there is a plain 'dave', he will connect as 'dave' to db2, if
possible.

If people are OK with that, then I can easily push the double-testing
down into the authentication system. It merely means testing the new
pg_hba.conf USER column for two values, and pg_shadow for two values,
but I would test with @db first.

The double testing just seems strange to me because it splits the user
namespace into two parts, one with @ and one without, and conflicting
user parts in the two namespaces do interact when @db does not match.
That seems strange, but hey, if no one else thinks it is strange, it is
easy to code. It is basically the same as testing pg_pwd, just doing it
later in the code.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
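The two-namespace lookup described in the message above (test user@db first, then the plain user, in both pg_hba.conf's USER column and pg_shadow), as an added Python model that is not part of the original post or of PostgreSQL's code. The user names, database names and pg_hba-style rules are constructed assumptions; the function names are hypothetical.

```python
"""Toy model of the 'double-testing' lookup proposed in the message.

Constructed example, not PostgreSQL source: the user catalogue and the
pg_hba-style rules are made up to show how the @db namespace and the
plain namespace interact when the @db spelling does not match.
"""
from typing import List, Optional, Set, Tuple

# Constructed pg_shadow-like user names: some database-qualified, some plain.
USERS: Set[str] = {"dave@db1", "dave", "alice@db2"}

# Constructed pg_hba-style rules: (database column, user column).
# "all" in either column matches anything, as in pg_hba.conf.
HBA_RULES: List[Tuple[str, str]] = [
    ("db1", "dave@db1"),
    ("db2", "dave"),
    ("db3", "all"),
]


def candidates(user: str, dbname: str) -> List[str]:
    """Order of the double test: the @db-qualified name first, then the plain name."""
    return [f"{user}@{dbname}", user]


def resolve_user(user: str, dbname: str, users: Set[str] = USERS) -> Optional[str]:
    """Return the pg_shadow entry a connection to dbname would match, or None."""
    for name in candidates(user, dbname):
        if name in users:
            return name
    return None


def hba_allows(user: str, dbname: str, rules: List[Tuple[str, str]] = HBA_RULES) -> bool:
    """Test the USER column against both spellings, @db first, like the message proposes."""
    for rule_db, rule_user in rules:
        if rule_db not in (dbname, "all"):
            continue
        if rule_user == "all" or rule_user in candidates(user, dbname):
            return True
    return False


def fell_through_to_plain(user: str, dbname: str, users: Set[str] = USERS) -> bool:
    """True when the plain entry matched only because no user@db entry exists.

    This is the cross-namespace interaction the message calls strange: a
    per-database user silently becomes the global user on another database.
    """
    resolved = resolve_user(user, dbname, users)
    return resolved is not None and "@" not in resolved
```

`resolve_user("dave", "db2")` returns the plain `dave` because `dave@db2` does not exist, which is exactly the fall-through the message questions.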
