Upcoming re-releases
The core committee has agreed that it's about time for a new set of
update releases (8.1.3, 8.0.7, etc). Barring surprises, we'll wrap
Sunday evening with expectation of general announcement Tuesday.
Any pending patches out there for the back branches?
regards, tom lane
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
The core committee has agreed that it's about time for a new set of
update releases (8.1.3, 8.0.7, etc). Barring surprises, we'll wrap
Sunday evening with expectation of general announcement Tuesday.
Any pending patches out there for the back branches?
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3. It solved the problem we were
having authenticating to PostgreSQL using Kerberos from Apache. We were
also able to get phppgadmin to use Kerberos authentication with this
patch (which is very nice). That patch also went into the 8.1.2-2
release of the Debian packages (along with the pg_restore patch which
was already committed to CVS). Havn't heard of any problems with it so
far, though 8.1.2-2 only hit the Debian mirrors yesterday.
Thanks!
Stephen
Hi,
On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote:
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3. It solved the problem we were
having authenticating to PostgreSQL using Kerberos from Apache. We were
also able to get phppgadmin to use Kerberos authentication with this
patch (which is very nice). That patch also went into the 8.1.2-2
release of the Debian packages
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
Regards,
--
The PostgreSQL Company - Command Prompt, Inc. 1.503.667.4564
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, plPerlNG - http://www.commandprompt.com/
* Devrim GUNDUZ (devrim@commandprompt.com) wrote:
On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote:
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3. It solved the problem we were
having authenticating to PostgreSQL using Kerberos from Apache. We were
also able to get phppgadmin to use Kerberos authentication with this
patch (which is very nice). That patch also went into the 8.1.2-2
release of the Debian packages[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
Guess you don't use Debian much.
Thanks,
Stephen
Stephen Frost <sfrost@snowman.net> writes:
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
Any pending patches out there for the back branches?
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3.
That's a new feature, not a bug fix. I'd be against back-patching it
even if it had been in HEAD long enough to get some meaningful amount
of testing ... and since it's not even in HEAD yet ...
regards, tom lane
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
Stephen Frost <sfrost@snowman.net> writes:
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
Any pending patches out there for the back branches?
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3.That's a new feature, not a bug fix. I'd be against back-patching it
even if it had been in HEAD long enough to get some meaningful amount
of testing ... and since it's not even in HEAD yet ...
It's a bug. PostgreSQL properly supports using different authentication
credentials across seperate pg_connect()'s for all of the other
authentication types. The only reason it doesn't for Kerberos is because
of improper use of static variables which aren't reset between the
authentication requests. The patch fixes this and cleans up the
static variable handling.
Thanks,
Stephen
* Devrim GUNDUZ (devrim@commandprompt.com) wrote:
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
And it's days like these that make me happy to be running Debian. My
thanks go to Martin for his excellent work.
Enjoy,
Stephen
The core committee has agreed that it's about time for a new
set of update releases (8.1.3, 8.0.7, etc). Barring
surprises, we'll wrap Sunday evening with expectation of
general announcement Tuesday.
Any pending patches out there for the back branches?
I'd like to see the bugfix part of
http://archives.postgresql.org/pgsql-patches/2006-01/msg00172.php
(postmster_win32_admincheck.patch) if possible.
It's a bugfix, and it helps even without the rest of the patch - for
third party tools.
//Magnus
Import Notes
Resolved by subject fallback
On Wed, 8 Feb 2006, Tom Lane wrote:
The core committee has agreed that it's about time for a new set of
update releases (8.1.3, 8.0.7, etc). Barring surprises, we'll wrap
Sunday evening with expectation of general announcement Tuesday.
Any pending patches out there for the back branches?
I still think this should be applied to back branches. The patches queue
is really quite a bit behind.
http://archives.postgresql.org/pgsql-hackers/2006-01/msg00175.php
Kris Jurka
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
This is not a Debian thing. Lots of distributions do it. I wouldn't be
surprised
if RedHat did it as well.
Joshua D. Drake
Show quoted text
Regards,
* Joshua D. Drake (jd@commandprompt.com) wrote:
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]This is not a Debian thing. Lots of distributions do it. I wouldn't be
surprised
if RedHat did it as well.
I'm not sure they do but they're not really a fair comparison as they
have a somewhat privileged position due to Tom (not that I'm
complaining, honestly I think it's wonderful that RH has an apparently
dedicated person for Postgres and it's outstanding that it's someone as
intelligent and knowledgable as Tom). It's certainly not uncommon for
distributions in general to patch programs which make them not-quite
pure upstream. Then again, just a recompile can break things too so
it's not like pristine source is always an option. It's also true, as
has been pointed out before, that Debian uses --enable-integer-datetimes
(or whatever the flag is) which isn't enabled by default. For the vast
majority of Debian users this is correct and better than the default but
it does mean that a PostgreSQL default-options compile will generate a
postmaster that can't work with Debian data files. Then again, if you
omit --enable-krb5 and the Debian package doesn't then if you move to a
default-compiled version you might not be able to authenticate to your
database anymore either.
Thanks,
Stephen
On Wed, Feb 08, 2006 at 06:36:10PM +0200, Devrim GUNDUZ wrote:
On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote:
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3. It solved the problem we were
having authenticating to PostgreSQL using Kerberos from Apache. We were
also able to get phppgadmin to use Kerberos authentication with this
patch (which is very nice). That patch also went into the 8.1.2-2
release of the Debian packages[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
Debian had the patch to enable ident over unix domain sockets well
before core did. So long that I didn't even realise it was a patch
until I compiled my own version. The patch had been submitted upstream
but fell between the cracks. As a Debian user it something I like.
The changelog entry says:
* Add debian/patches/12-krb5-multiusers.patch:
- Fix krb5 credential handling in libpq for multiple connections with
different users: Don't keep credentials in global variables, but pass
them around in a new krb5_info struct.
- Patch from Stephen Frost, proposed to be adopted upstream.
I consider it a form of preventative bug fixing. Somebody on Debian is
bound to complain about it sooner or later, so may as well fix it now.
There is a group who likes having kerberos working properly...
I imagine if a similar bug affected SSL connections, people would be
jumping up and down to have it fixed.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
Show quoted text
Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
tool for doing 5% of the work and then sitting around waiting for someone
else to do the other 95% so you can sue them.
Martijn van Oosterhout <kleptog@svana.org> writes:
On Wed, Feb 08, 2006 at 06:36:10PM +0200, Devrim GUNDUZ wrote:
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
I consider it a form of preventative bug fixing.
As against which, you have to consider the probability that the Debian
patch breaks something. With a maintainer who is not one of the main PG
developers accepting patches that haven't yet been reviewed (much less
beta-tested) by the community, that risk seems far from negligible.
(Now Red Hat certainly also puts in patches that aren't yet released
upstream, but we try to avoid getting ahead of upstream patch development.)
regards, tom lane
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]And it's days like these that make me happy to be running Debian. My
thanks go to Martin for his excellent work.
Heh don't log into #postgresql then - we have all pretty much been
convinced after years of newbie support that Debian is the son of the
devil when it comes to PostgreSQL :)
Chris
Devrim GUNDUZ wrote:
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
I think the other important thing to consider is that this patch went
into debian's unstable branch, not stable.
Kris Jurka
* Christopher Kings-Lynne (chriskl@familyhealth.com.au) wrote:
[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]And it's days like these that make me happy to be running Debian. My
thanks go to Martin for his excellent work.Heh don't log into #postgresql then - we have all pretty much been
convinced after years of newbie support that Debian is the son of the
devil when it comes to PostgreSQL :)
Oh, pah, I'm there already, as 'Snow-Man' and I've heard all about it.
Sorry that Debian/stable releases havn't been coming out as frequently
as they really should have been. We're working on that, honest!
Thanks,
Stephen
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
Martijn van Oosterhout <kleptog@svana.org> writes:
On Wed, Feb 08, 2006 at 06:36:10PM +0200, Devrim GUNDUZ wrote:
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.I consider it a form of preventative bug fixing.
As against which, you have to consider the probability that the Debian
patch breaks something. With a maintainer who is not one of the main PG
developers accepting patches that haven't yet been reviewed (much less
beta-tested) by the community, that risk seems far from negligible.
While I appriciate the core developer's expertise I don't think lack of
being a core member alone makes Martin's critique of the patch somehow
less valuable. I've also posted the patch to both -hackers and -patches
and I'd love for the community to review it.
And, to be fair, it's going into Debian/unstable and won't be in a
stable release without further testing by the Debian/unstable users
and Debian/testing users (once it propagates there). Unless there are
serious problems with it though I expect it to be in the next stable
Debian release (currently slated for the fall, iirc). It wouldn't go
into an update to the current Debian/stable as it's not a security fix.
I'm still very much of the opinion it's a bug and it's not terribly
complicated of a fix when you look at it. The patch looks bigger than
the actual change really is because of the structure references. Those
pieces aren't actually changed beyond referencing the structure variable
instead of the static variable though.
(Now Red Hat certainly also puts in patches that aren't yet released
upstream, but we try to avoid getting ahead of upstream patch development.)
Debian in general doesn't like to differ much from upstream and so it
would certainly be nice to have the patch accepted into *some* point
release which could be included in the next stable Debian release. It
seems unlikely 8.2 will be out with enough time for it go through
Debian's testing before the next stable Debian release.
Thanks,
Stephen
Kris Jurka wrote:
On Wed, 8 Feb 2006, Tom Lane wrote:
The core committee has agreed that it's about time for a new set of
update releases (8.1.3, 8.0.7, etc). Barring surprises, we'll wrap
Sunday evening with expectation of general announcement Tuesday.
Any pending patches out there for the back branches?I still think this should be applied to back branches. The patches queue
is really quite a bit behind.http://archives.postgresql.org/pgsql-hackers/2006-01/msg00175.php
Yes, it is, no question. I am working on the INET + INT patch now.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
Devrim GUNDUZ <devrim@commandprompt.com> wrote:
Hi,
On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote:
I'd really like to see the multiple DB connections with different
Kerberos credentials go in to 8.1.3. It solved the problem we were
having authenticating to PostgreSQL using Kerberos from Apache. We were
also able to get phppgadmin to use Kerberos authentication with this
patch (which is very nice). That patch also went into the 8.1.2-2
release of the Debian packages[OT]
So Debian has a patch that is not in 8.1.2? I can't believe that they
are doing that -- personally I'm against to add any patch into binaries
that is not in the core.
[/OT]
You haven't been looking too closely at the way some distributions are
building their packages then. At least two of the distributions I use
regularly (Gentoo and Debian) have the habit of adding a load of patches
during package build. And not all of those go back to the upstream, to
put it mildly ...
Regards,
Alex.
--
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison
Alexander Schreiber wrote:
At least two of the distributions I use
regularly (Gentoo and Debian) have the habit of adding a load of patches
during package build. And not all of those go back to the upstream, to
put it mildly ...
And they are not always sensible. A while back the Gentoo packagers
decided to "improve" the messages from initdb - the patch they applied
was completely erroneous, and I believe they have now fixed it.
I tend to be suspicious of distro applied patches. (I do like the change
to use log rotation that recent Rh/Fedora packages have made.)
cheers
andrew
