pgsql: Add support for file inclusions in HBA and ident configuration f

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Add support for file inclusions in HBA and ident configuration f
Date: 2022-11-24 04:52:21
Message-ID: E1oy4Dk-000aPD-Mq@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Add support for file inclusions in HBA and ident configuration files

pg_hba.conf and pg_ident.conf gain support for three record keywords:
- "include", to include a file.
- "include_if_exists", to include a file, ignoring it if missing.
- "include_dir", to include a directory of files. These are classified
by name (C locale, mostly) and need to be prefixed by ".conf", hence
following the same rules as GUCs.

This commit relies on the refactoring pieces done in efc9816, ad6c528,
783e8c6 and 1b73d0b, adding a small wrapper to build a list of
TokenizedAuthLines (tokenize_include_file), and the code is shaped to
offer some symmetry with what is done for GUCs with the same options.

pg_hba_file_rules and pg_ident_file_mappings gain a new field called
file_name, to track from which file a record is located, taking
advantage of the addition of rule_number in c591300 to offer an
organized view of the HBA or ident records loaded.

Bump catalog version.

Author: Julien Rouhaud
Reviewed-by: Michael Paquier
Discussion: https://postgr.es/m/20220223045959.35ipdsvbxcstrhya@jrouhaud

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/a54b658ce77b6705eb1f997b416c2e820a77946c

Modified Files
--------------
doc/src/sgml/client-auth.sgml | 86 ++++++++++++---
doc/src/sgml/system-views.sgml | 22 +++-
src/backend/libpq/hba.c | 192 +++++++++++++++++++++++++++++----
src/backend/libpq/pg_hba.conf.sample | 27 +++++
src/backend/libpq/pg_ident.conf.sample | 26 +++++
src/backend/utils/adt/hbafuncs.c | 39 ++++---
src/include/catalog/catversion.h | 2 +-
src/include/catalog/pg_proc.dat | 12 +--
src/test/regress/expected/rules.out | 6 +-
9 files changed, 352 insertions(+), 60 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Michael Paquier 2022-11-24 07:09:55 pgsql: Add the database name to the ps display of logical WAL senders
Previous Message David Rowley 2022-11-24 04:22:44 pgsql: Speedup hash index builds by skipping needless binary searches