Magnus Hagander wrote: > Magnus Hagander wrote: > > [about the ability to use different maps for ident auth, gss and krb > auth for example] > > >>>> It wouldn't be very easy/clean to do that w/o breaking the existing > >>>> structure of pg_ident though, which makes me feel like using seperate > >>>> files is probably the way to go. > > Actually, I may have to take that back. We already have support for > multiple maps in the ident file, I'm not really sure anymore of the case > where this wouldn't be enough :-) > > That said, I still think we want to parse pg_hba in the postmaster, > because it allows us to not load known broken files, and show errors > when you actually change the file etc. ;-) > > I did code up a POC patch for it, and it's not particularly hard to do. > Mostly it's just moving the codepath from the backend to the postmaster. > I'll clean it up a but and post it, just so ppl can see what it looks > like...
To address Magnus' specific question, right now we store the pg_hba.conf tokens as strings in the postmaster. I am fine with storing them in a more native format and throwing errors for values that don't convert. What would concern me is calling lots of 3rd party libraries from the postmaster to validate items. -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers