Re: Psql meta-command conninfo+

Поиск
Список
Период
Сортировка
От Imseih (AWS), Sami
Тема Re: Psql meta-command conninfo+
Дата
Msg-id 21B5F7D1-5E15-47AF-B5D9-CB8A2F9BF97F@amazon.com
обсуждение исходный текст
Ответ на Re: Psql meta-command conninfo+  (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Список pgsql-hackers
Дерево обсуждения 
> The point about application_name is a valid one. I guess it's there
> because it's commonly given from the client side rather than being set
>server-side, even though it's still a GUC. Arguably we could remove it
> from \conninfo+, and claim that nothing that shows up in \dconfig should
> also appear in \conninfo+. Then users should get in the habit of using
> both to obtain a full picture. This sounds to me a very good compromise
> actually.

Perhaps another reason to remove "application_name" is because the
value can be modified after the connection is established. If that is also
another good reason, the same can be said about "Current User"
and "Session User" as those could be modified with SET commands.

This way conninfo could be only for attributes that will not change
during the lifetime of the connection.


Also, I just realized that pg_stat_ssl and pg_stat_gssapi will both return 0
rows if there is a set role/set session authorization, this means \conninfo+
will return empty.

postgres=> select current_user;
 current_user 
--------------
 user1
(1 row)

postgres=> select * from pg_stat_ssl ;
  pid  | ssl | version |           cipher            | bits | client_dn | client_serial | issuer_dn 
-------+-----+---------+-----------------------------+------+-----------+---------------+-----------
 27223 | t   | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 |  256 |           |               | 
(1 row)

postgres=> set role = user2;
SET
postgres=> select * from pg_stat_ssl ;
 pid | ssl | version | cipher | bits | client_dn | client_serial | issuer_dn 
-----+-----+---------+--------+------+-----------+---------------+-----------
(0 rows)

postgres=> select current_user;
 current_user 
--------------
 user2
(1 row)

postgres=> reset role;
RESET
postgres=> select current_user;
 current_user 
--------------
 user1
(1 row)

postgres=> select * from pg_stat_ssl ;
  pid  | ssl | version |           cipher            | bits | client_dn | client_serial | issuer_dn 
-------+-----+---------+-----------------------------+------+-----------+---------------+-----------
 27223 | t   | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 |  256 |           |               | 
(1 row)


Regards, 

Sami

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Alexander Korotkov
Дата:
Сообщение: Re: Add SPLIT PARTITION/MERGE PARTITIONS commands
Следующее
От: "David G. Johnston"
Дата:
Сообщение: Re: Reports on obsolete Postgres versions