* Tomas Vondra (tomas.vondra@2ndquadrant.com) wrote:
> On 27.2.2015 17:59, Stephen Frost wrote:
> > All,
> >
> > * Tomas Vondra (tomas.vondra@2ndquadrant.com) wrote:
> >>
> >> The other feature that'd be cool to have is a debugging function
> >> on top of the view, i.e. a function pg_hba_check(host, ip, db,
> >> user, pwd) showing which hba rule matched. But that's certainly
> >> nontrivial.
> >
> > I'm not sure that I see why, offhand, it'd be much more than trivial
> > ...
>
> From time to time I have to debug why are connection attempts failing,
> and with moderately-sized pg_hba.conf files (e.g. on database servers
> shared by multiple applications) that may be tricky. Identifying the
> rule that matched (and rejected) the connection would be helpful.
To clarify, I was trying to say that writing that function didn't seem
very difficult to me. I definitely think that *having* that function
would be very useful.
> But yes, that's non-trivial and out of scope of this patch.
For my 2c, I view this as somewhat up to the author. I wouldn't
complain if it was included in a new version of this patch as I don't
think it'd add all that much complexity and it'd be very nice, but I
certainly think this patch could go in without that too.
Thanks!
Stephen
