-----Original Message-----
From: Bruce Momjian [mailto:pgman@candle.pha.pa.us]
Sent: Sun 7/31/2005 4:39 AM
To: Dave Page
Cc: Tom Lane; Magnus Hagander; PostgreSQL-development
Subject: Remote administration functionality
> The idea of the patch was to give applications the full unix I/O
> capabilities, allowing them to program these functions into
> administration applications. I think the group generally would like a
> higher-level API that allows something like:
>
> SET GLOBAL log_statement = 'mod';
Sounds reasonable (and quite nice) for postgresql.conf, but consider pg_hba.conf. The production systems I run at work
haveheavily commented pg_hba.conf files, with entries that are intentionally ordered. As you know, unlike
postgresql.conf,there is no fixed set of possible entries. How can we create a cleaner inteface for that, and be able
tomaintain annotations in the file in a way that works well when using tools and text editors at different times?
The best I have come up with is functions similar to:
SELECT pg_set_hba_line(20, 'hostssl all all 192.168.1.1/32 md5');
SELECT pg_add_hba_line(19, '# Allow global access for Dave''s test workstation');
SELECT pg_delete_hba_line(24);
However, there are a couple of things that concern me about doing it this way:
- It would make the client code much more complex as it would need to track each change the user makes individually,
beforeapplying the end result.
- It doesn't really give us a cleaner, less hackish interface and just seems like work for the sake of it.
I suppose we could just add functions like:
pg_write_hba_file('File contents'::text);
pg_read_hba_file() AS text;
Which would limit what the functions could be used for to their precisely intended purpose, without compromising
flexibility.
> Given the confusion about the patch, I think we can give folks some time
> to work on any additional remote administration bulleted items while we
> clean out the patches queue.
Thank you - and my apologies if anyone thought my previous rant came across too srongly, or was unjustified.
Regards, Dave
