2015-11-25 8:05 GMT+01:00 Haribabu Kommi <kommi.harib...@gmail.com>:
> On Tue, Nov 17, 2015 at 9:37 AM, Peter Eisentraut <pete...@gmx.net> wrote:
> > On 11/16/15 2:37 AM, Haribabu Kommi wrote:
> >> On Mon, Nov 16, 2015 at 2:30 PM, Peter Eisentraut <pete...@gmx.net>
> wrote:
> >>> On 7/21/15 5:15 AM, Haribabu Kommi wrote:
> >>>> With the output of this view, administrator can identify the lines
> >>>> that are matching for the given
> >>>> criteria easily without going through the file.
> >>>
> >>> How is this useful? I could see the use if you want to debug cases of
> >>> user foo on host bar says they can't connect, but you can't impersonate
> >>> them to verify it. But then all you need is a function with a scalar
> >>> result, not a result set.
> >>
> >> Do you mean the function should return true or false based on the
> connection
> >> status with the provided arguments?
> >>
> >> I also feel difficult to understand the function result as compared to
> a view.
> >
> > An hba lookup is essentially a lookup by user name, database name,
> > client address, yielding an authentication method (possibly with
> > parameters). So I think this function should work that way as well:
> > arguments are user name, database name, and so on, and the return value
> > is an authentication method. Maybe it would be some kind of record,
> > with line number and some parameters.
> >
> > That would address the use case I put forth above. I don't know whether
> > that's what you were going for.
>
> Thanks. Here I attached the poc patch that returns authentication method
> of the
> first matched hba entry in pg_hba.conf with the given input values.
> Currently these
> functions returns text type. Based on the details required to be
> printed, it can
> be changed.
>
> postgres=# select pg_hba_lookup('all', 'all');
> pg_hba_lookup
> ---------------
> trust
> (1 row)
>
> comments for the approach?
>
>From my perspective, it shows too less informations.
What I am expecting:
1. line num of choosed rule
2. some tracing - via NOTICE, what and why some rules was skipped.
Regards
Pavel
>
> Regards,
> Hari Babu
> Fujitsu Australia
>
>
> --
> Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers
>
>
