Re: Hostnames in pg_hba.conf
| От | Bart Samwel |
|---|---|
| Тема | Re: Hostnames in pg_hba.conf |
| Дата | |
| Msg-id | ded01eb21002111402hf939f5fr1fa16a1fd36f590d@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Hostnames in pg_hba.conf (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Thu, Feb 11, 2010 at 17:21, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Bart Samwel <bart@samwel.tk> writes:Have you read the previous discussions about that?
> I've been working on a patch to add hostname support to pg_hba.conf.
Yes, mostly.
The previous discussions included all sorts of complex stuff such as wildcards. Personally, I'd think that in the cases where you'd want wildcards, then you should use IP / netmask configuration, because that's a way better indicator of "something that comes from the same source network entity". For instance, wildcards are nice for "all our own servers", except that you'd normally use IP / netmaks to indicate your own server subnet.
The way I see it, hostname based configuration should be plain and simple. You suggested in one of the earlier discussions that it should not be much more than removing the AI_NUMERICHOST hint in the lookup. My current solution is slightly more involved, since it performs the by-hostname lookup at check time, not at pg_hba.conf read time -- but there is not much more complexity involved. If there is a case for more complexity, then we will hear the actual use cases after this basic support is added, I guess.
Cheers,
Bart
В списке pgsql-hackers по дате отправления: