Participants
salah jubeh
salah jubeh
Bruce Momjian
Bruce Momjian
Attachments
Show all attachments
Thread Outline
#1salah jubehsalah jubeh
Feb 14, 2014
#2Bruce MomjianBruce Momjianto salah jubeh (#1)
Feb 14, 2014
#3salah jubehsalah jubehto Bruce Momjian (#2)
Feb 14, 2014

pg_hba.conf analysis tool

Started by salah jubehabout 12 years ago3 messagesgeneral
Jump to latest
#1salah jubeh
salah jubeh
s_jubeh@yahoo.com

Hello,

I am looking for a tool that could help me in analyzing the pg_hab.conf file. For example , detecting duplicates, unused entries, and overlaping entries.

Regards

#2Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: salah jubeh (#1)
Re: pg_hba.conf analysis tool

On Fri, Feb 14, 2014 at 07:28:38AM -0800, salah jubeh wrote:

Hello,

I am looking for a tool that could help me in analyzing the pg_hab.conf file.
For example , detecting duplicates, unused entries, and overlaping entries.

We are in the process of talking about this:

/messages/by-id/86fvnm5t44.fsf@jerry.enova.com

I know of no tool currently available.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

#3salah jubeh
salah jubeh
s_jubeh@yahoo.com
In reply to: Bruce Momjian (#2)
Re: pg_hba.conf analysis tool

We are in the process of talking about this:

    /messages/by-id/86fvnm5t44.fsf@jerry.enova.com

I know of no tool currently available.

Thank you, for the reply. I think, my case might be a little bit different.
I am working with several clusters and I find sometimes pg_hba rules which does not make sense. So, a tool which could give hints or detect bad configurations might help.

For example

local   all         appl1                          trust
local   all         appl1                          md5

Or  
host    all         all         IP_ADDRESS/24       md5
host    all         all         IP_ADDRESS/32       md5

OR
host    all         all         IP_ADDRESS/24       reject
host    all         all         IP_ADDRESS/32       md5
OR
host    all         all         IP_ADDRESS1/32       md5
host    all         all         IP_ADDRESS2/32       md5
host    all         all         IP_ADDRESS3/32       md5
host    all         all         IP_ADDRESS4/32       md5
....
which could be replaced
host    all         all         IP_ADDRESS1/24       md5

Regards

On Friday, February 14, 2014 4:39 PM, Bruce Momjian <bruce@momjian.us> wrote:

On Fri, Feb 14, 2014 at 07:28:38AM -0800, salah jubeh wrote:

Hello,

I am looking for a tool that could help me in analyzing the pg_hab.conf file.
For example , detecting duplicates, unused entries, and overlaping entries.

We are in the process of talking about this:

    /messages/by-id/86fvnm5t44.fsf@jerry.enova.com

I know of no tool currently available.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                            http://enterprisedb.com

  + Everyone has their own god. +

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

← Back to Topics