Re: [COMMITTERS] pgsql: Add connection messages for streaming replication.
| От | Simon Riggs | 
|---|---|
| Тема | Re: [COMMITTERS] pgsql: Add connection messages for streaming replication. | 
| Дата | |
| Msg-id | 1269428940.8481.7805.camel@ebony обсуждение исходный текст | 
| Ответ на | Re: [COMMITTERS] pgsql: Add connection messages for streaming replication. (Fujii Masao <masao.fujii@gmail.com>) | 
| Ответы | Re: Re: [COMMITTERS] pgsql: Add connection messages for
 streaming  replication. | 
| Список | pgsql-hackers | 
On Wed, 2010-03-24 at 19:49 +0900, Fujii Masao wrote: > On Wed, Mar 24, 2010 at 7:29 PM, Simon Riggs <simon@2ndquadrant.com> wrote: > > So we are allowing a database to be called "REPLICATION"? > > Yes. > > > Surely there > > are some significant problems in that case. How will access control to > > that database work in the pg_hba.conf? > > We can do that by enclosing the database field of pg_hba.conf in double > quotes as follows. > > TYPE DATABASE USER CIDR-ADDRESS METHOD > host "replication" foo 192.168.0.5 md5 > > In pg_hba.conf, double-quoted keyword like "all", "sameuser", "samerole" > or "replication" matches a database with that name. So we might have a pg_hba.conf that looks like this TYPE DATABASE USER CIDR-ADDRESS METHOD host "replication" foo 192.168.0.5 md5 host replication foo 192.168.0.5 md5 Which looks pretty strange. I think we should change that, though if not we should at least document it. That probably tips the balance towards having the alternate wording: LOG: replication connection authorized: user=foo It also highlights another problem: it's possible to have database names that contain spaces. There are no double quotes around most of the things that get logged. So if we do CREATE DATABASE "oh my god"; will cause things like this to be logged without quotes LOG: connection authorized: user=foo database=oh my god -- Simon Riggs www.2ndQuadrant.com
В списке pgsql-hackers по дате отправления: