Mark Woodward wrote:
Mark Woodward wrote:
Added to TODO:
o Allow pg_hba.conf to specify host names along with IP
addresses
Host name lookup could occur when the postmaster reads the
pg_hba.conf file, or when the backend starts. Another
solution would be to reverse lookup the connection IP and
check that hostname against the host names in pg_hba.conf.
We could also then check that the host name maps to the IP
address.
I'm not so sure you need to be paranoid about it. The scenario is, at
startup or HUP, names are looked up and stored as IP addresses. Then hba
works as it is supposed too.
If you do it like that you destroy the only real use case I can see for
this that has much value, namely to handle cases where the address can
change dynamically.
How "dynamically" are you talking about?
If you are using a DNS server, what is your TTL on the records? A simple
-HUP once every half hour is more than sufficient. If you are using ssh to
update the hosts file, adding a simple -HUP tp the script is not a big
deal.
If I am a road warrior I want to be able to connect, run my dynamic dns
client, and go.
HUPing the postmaster every 30 minutes sounds horrible, and won't work
for what strikes me as the scenario that needs this most. And we surely
aren't going to build TTL logic into postgres.
I repeat - let's do this the simple way.
cheers
andrew
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
