Home > mailing lists

Re: Parsing of pg_hba.conf and authentication inconsistencies - Mailing list pgsql-hackers

From	Magnus Hagander
Subject	Re: Parsing of pg_hba.conf and authentication inconsistencies
Date	August 2, 2008 16:39:33
Msg-id	48948DBF.2080401@hagander.net Whole thread Raw
In response to	Re: Parsing of pg_hba.conf and authentication inconsistencies (Josh Berkus <josh@agliodbs.com>)
Responses	Re: Parsing of pg_hba.conf and authentication inconsistencies (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Josh Berkus wrote:
> Magnus,
> 
>> However it would be nice to throw an error or at least a warning when
>> parsing
>> the file instead of pretending everything's ok. Perhaps authentication
>> methods
>> should have a function to check whether the method is supported which is
>> called when the file is parsed.
>>
> 
> The good way to solve this would be to have independant command line
> utilities which check pg_hba.conf, pg_ident.conf and postgresql.conf for
> errors.  Then DBAs could run a check *before* restarting the server.

While clearly useful, it'd still leave the fairly large foot-gun that is
editing the hba file and HUPing things which can leave you with a
completely un-connectable database because of a small typo. The
difference in the "could run" vs "must run, thus runs automatically" part...

//Magnus

pgsql-hackers by date:

From: Magnus Hagander
Date: 02 August 2008, 16:37:32
Subject: Re: Parsing of pg_hba.conf and authentication inconsistencies

From: Tom Lane
Date: 02 August 2008, 16:49:08
Subject: Re: Parsing of pg_hba.conf and authentication inconsistencies

Re: Parsing of pg_hba.conf and authentication inconsistencies - Mailing list pgsql-hackers

Previous

Next