From: | Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "Shulgin, Oleksandr" <oleksandr(dot)shulgin(at)zalando(dot)de>, Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pg_hba_lookup function to get all matching pg_hba.conf entries |
Date: | 2015-12-24 04:16:29 |
Message-ID: | CAJrrPGeTObQ3nTrb_-=SXd+W67NzpFiqdAt6z10jGTDZa0Zaqw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Dec 24, 2015 at 2:37 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "Shulgin, Oleksandr" <oleksandr(dot)shulgin(at)zalando(dot)de> writes:
>> 1. Have you considered re-loading the HBA file upon call to this function
>> in a local context instead of keeping it in the backends memory?
>
> Aside from the security questions, please consider that this feature should
> work similarly to the current implementation of the pg_file_settings view,
> namely it tells you about what is *currently* in the on-disk files, not
> necessarily what is the active setting in the postmaster's memory.
> A backend could not be entirely sure about the postmaster's state anyway;
> and even if it could be, one of the major applications for features like
> this is testing manual changes to the files before you SIGHUP the
> postmaster. So re-reading the files on each usage is a Good Thing, IMO,
> even if it sounds inefficient.
>
>> 2. I also wonder why JSONB arrays for database/user instead of TEXT[]?
>
> Yes, that seems rather random to me too.
Here I attached updated patch with the following changes,
- Local loading of HBA file to show the authentication data
- Changed database and user types are text[]
Regards,
Hari Babu
Fujitsu Australia
Attachment | Content-Type | Size |
---|---|---|
pg_hba_lookup_poc_v8.patch | application/octet-stream | 24.2 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | David Rowley | 2015-12-24 04:23:09 | Re: PATCH: use foreign keys to improve join estimates v1 |
Previous Message | Noah Misch | 2015-12-24 04:05:34 | Re: Additional role attributes && superuser review |