| From: | Thom Brown <thom(at)linux(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Silent failure with invalid hba_file setting |
| Date: | 2011-10-19 08:21:54 |
| Message-ID: | CAA-aLv5KPnucXxNKoBDP=5g2+M10MfK6=zAWg8CJkvgxYRx3=g@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 19 October 2011 05:50, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
> On tis, 2011-10-18 at 18:38 -0400, Tom Lane wrote:
>> > The problem with this is you cannot get into the database as it acts
>> > as if it did find the hba file but found it empty.
>>
>> Well, an actually empty pg_hba.conf file would have the same problem,
>> and it's pretty hard to see any situation where it would be useful to
>> start the postmaster and not let it accept any connections. Should we
>> add a check to consider it an error if the file doesn't contain at least
>> one HBA record?
>
> If you try to connect and it doesn't find a record, it will tell you.
Yes, but then the user could end up pulling their hair out trying to
figure out why it's not matching any of the rules in the pg_hba.conf
file, when it's not being used at all. Because there would have been
no indication that it failed to find the file in question when the
service started, the user may, rightly or wrongly, assume that the
file was being read, but they had somehow misconfigured the file.
--
Thom Brown
Twitter: @darkixion
IRC (freenode): dark_ixion
Registered Linux user: #516935
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2011-10-19 08:44:19 | Re: (patch) regression diffs on collate.linux.utf8 test |
| Previous Message | Jun Ishiduka | 2011-10-19 07:37:32 | Re: Online base backup from the hot-standby |