Re: Open 7.3 items

From Bruce Momjian
Subject Re: Open 7.3 items
Date
Msg-id 200208141838.g7EIc4c15847@candle.pha.pa.us
In reply to Re: Open 7.3 items  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Open 7.3 items
Re: Open 7.3 items
List pgsql-hackers
Tom Lane wrote:
> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > Oh, so try it with and without.  I can do that, but it seems more of a
> > security problem where you were trying two names instead of one.  Do
> > people like that?
> 
> The nice thing about it is you can have any combination of people with
> installation-wide access (create them as joeblow) and people with
> one-database access (create them as joeblow@joesdatabase).  A special
> case for only the postgres user is much less flexible.

Oh, yes, clearly a nice addition, but see below.

> > It is easy to do, except for the fact we have to
> > match pg_hba.conf with a username, though we could do the double-test
> > there too, if that isn't too weird.
> 
> It'd probably be better to first look at the flat-file copy of pg_shadow
> to determine whether user or user@database is the form to use, and then
> run through pg_hba.conf only once using the correct form.  Otherwise
> there are going to be all sorts of weird corner cases: user might match
> a different pg_hba row than user@database does.

Problem is that pg_shadow flat file _only_ has users with passwords.  I
do a btree search of that file, but I am not sure I want to add a dump
of _all_ users just to allow this.  Do we?

> Also, if you do it this way then the substitution only has to be done in
> one place: you can pass down the correct form to the backend, which'd
> otherwise have to repeat the test to see which username is found.

Yes, certainly a big win.  What we _could_ do is to allow connections to
template1 to be unsuffixed by the dbname, but that makes everyone
connecting to template1 have problems, and just seemed too weird.

Ideas?

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
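The corner case raised in the quoted text (user matching a different pg_hba row than user@database), shown as an added example that is not part of the original message or of the PostgreSQL source. The user list and rule table are constructed, simplified models with hypothetical function names; the sketch assumes a complete user list is available (which the message notes the flat file does not provide) and that the bare name is checked first.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data: a simplified model, not real pg_shadow or pg_hba.conf syntax. */
static const char *known_users[] = { "postgres", "joeblow@joesdatabase" };
struct hba_row { const char *user; const char *method; };
static const struct hba_row hba[] = {
    { "joeblow", "trust" },   /* row for a bare "joeblow"; no such account exists */
    { "joeblow@joesdatabase", "md5" },
    { "postgres", "md5" },
};
#define N(a) (sizeof(a) / sizeof((a)[0]))

static int user_exists(const char *name) {
    for (size_t i = 0; i < N(known_users); i++)
        if (strcmp(known_users[i], name) == 0) return 1;
    return 0;
}

/* First matching row wins; NULL means no row matched (reject). */
static const char *hba_match(const char *name) {
    for (size_t i = 0; i < N(hba); i++)
        if (strcmp(hba[i].user, name) == 0) return hba[i].method;
    return NULL;
}

/* Double test: try both name forms directly against the rules. */
static const char *auth_double_test(const char *user, const char *db) {
    char full[128];
    const char *m = hba_match(user);
    if (m) return m;
    if ((size_t)snprintf(full, sizeof full, "%s@%s", user, db) >= sizeof full) return NULL;
    return hba_match(full);
}

/* Resolve the form against the user list first, then one pass over the rules. */
static const char *auth_resolve_first(const char *user, const char *db) {
    char full[128];
    if (user_exists(user)) return hba_match(user);
    if ((size_t)snprintf(full, sizeof full, "%s@%s", user, db) >= sizeof full) return NULL;
    return user_exists(full) ? hba_match(full) : NULL;
}

int main(void) {
    const char *a = auth_double_test("joeblow", "joesdatabase");
    const char *b = auth_resolve_first("joeblow", "joesdatabase");
    printf("double test: %s\nresolve first: %s\n", a ? a : "reject", b ? b : "reject");
    return 0;
}
```

With the double test, the account joeblow@joesdatabase is evaluated under the row written for a bare joeblow; resolving the name first selects the row that names the account that actually exists.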
 

