Re: Open 7.3 items - Mailing list pgsql-hackers

From: Bruce Momjian
Subject: Re: Open 7.3 items
Msg-id: 200208142228.g7EMSQQ23627@candle.pha.pa.us
In response to: Re: Open 7.3 items (Tom Lane <tgl@sss.pgh.pa.us>)
Responses: Re: Open 7.3 items (Tom Lane <tgl@sss.pgh.pa.us>)
List: pgsql-hackers

OK, I have a new idea.  Seems most don't like that 'postgres' is a
special user in this context.

How about if we just document that they have to create a
postgres@template1 user before flipping the switch.  That way, there is
no special user, no PG_INSTALLER file, and no double-tests for user
names.

It doesn't give us a global user, but frankly, it seems that such a
system is never going to work reliably.

Trying to prevent namespace conflicts by checking for users without @
that may match will make @ a special character in the user namespace,
and people won't like that.

---------------------------------------------------------------------------

Tom Lane wrote:
> Lamar Owen <lamar.owen@wgcr.org> writes:
> > So the former plain 'postgres' user could still be such to us, to client 
> > programs, etc, but the backend would assume that that meant 
> > postgres@template1 -- no namespace collision, and the special case is that 
> > anyone@template1 has the behavior the unadorned plain user now has.
> 
> The trouble with that scheme is that there is zero interoperability
> between the plain-vanilla mode (postgres is postgres in pg_shadow) and
> the @-mode (postgres is postgres@template1 in pg_shadow).  Flip the
> configuration switch, in either direction, and you can't log in anymore.
> We'd almost have to make it a frozen-at-initdb setting so that initdb
> would know which form to put into pg_shadow for the superuser, and so
> that entry wouldn't break thereafter.
> 
> The reason I like the "lowen" vs "lowen@somedb" pattern is that
> database-global users can log in the same way whether the feature is
> turned on or not; this eliminates the getting-started problem, as well
> as the likelihood of shooting yourself in the foot.
> 
> It is true that if you have a global user lowen you'd want to avoid
> creating any local users lowen@somedb, and that the existing code
> wouldn't be able to enforce that.  We could possibly add a few lines
> to CREATE USER to warn about this mistake.  (It should be a warning not
> an error, since if you have no intention of ever using the @-feature
> then there's no reason to restrict your choice of usernames.)
> 
>             regards, tom lane

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
 

