Rod Taylor wrote:
> I see.. @ denotes a list of users in a file.
>
> Wouldn't it make more sense to simply allow groups to be specified
> (groups from pg_group)?
>
> In my case any group I would specify for connection purposes I've
> already created for permission purposes.
Yes, groups would be a very logical thing to have in pg_hba.conf.
Unfortunately, we don't have pg_group information available to the
postmaster.
The only thing I can think of is to dump the groups out as files and
enable those in pg_hba.conf, perhaps just like we allow @file includes.
I would probably use % for group names and dump them in data/global.
How does that sound?
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026