Participants
Tom Lane
Tom Lane
Bruce Momjian
Bruce Momjian
Bruce Momjian - CVS
Bruce Momjian - CVS
Lamar Owen
Lamar Owen
Attachments

No attachments in this thread

Thread Outline
#1...#4
Bruce Momjian - CVSTom LaneBruce Momjian
Jul 30, 2001
#1Bruce Momjian - CVSBruce Momjian - CVS
Jul 30, 2001
#2Tom LaneTom Laneto Bruce Momjian - CVS (#1)
Jul 31, 2001
#3Bruce MomjianBruce Momjianto Tom Lane (#2)
Jul 31, 2001
#4Tom LaneTom Laneto Bruce Momjian (#3)
Jul 31, 2001
#5...#8
Bruce MomjianTom Lane
to Tom Lane (#4)
Jul 31, 2001
#5Bruce MomjianBruce Momjianto Tom Lane (#4)
Jul 31, 2001
#7Tom LaneTom Laneto Bruce Momjian (#5)
Jul 31, 2001
#8Bruce MomjianBruce Momjianto Tom Lane (#7)
Aug 01, 2001
#6Lamar OwenLamar Owento Tom Lane (#4)
Jul 31, 2001

pgsql/src backend/libpq/hba.c backend/postmast ...

Started by Bruce Momjian - CVSover 24 years ago8 messages
#1Bruce Momjian - CVS
Bruce Momjian - CVS
momjian@hub.org

CVSROOT: /home/projects/pgsql/cvsroot
Module name: pgsql
Changes by: momjian@hub.org 01/07/30 10:50:24

Modified files:
src/backend/libpq: hba.c
src/backend/postmaster: postmaster.c
src/backend/tcop: postgres.c
src/include/libpq: hba.h

Log message:
Load pg_hba.conf and pg_ident.conf on startup and SIGHUP into List of
Lists, and use that for user validation.

Bruce Momjian

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruce Momjian - CVS (#1)
pg_hba.conf pre-parsing change

Bruce Momjian - CVS <momjian@hub.org> writes:

Load pg_hba.conf and pg_ident.conf on startup and SIGHUP into List of
Lists, and use that for user validation.

While this should be a nice speedup, it bothers me somewhat that the old
behavior of reacting immediately to pg_hba.conf and pg_ident.conf
updates has been changed. (And you didn't update the documentation to
say so --- tsk tsk.)

Would it make sense to do fstat calls on these files and reload whenever
we observe that the file modification time has changed? That'd be an
additional kernel call per connection attempt, so I'm not at all sure
I want to do it ... but it ought to be debated. Comments anyone?

regards, tom lane

#3Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Tom Lane (#2)
Re: pg_hba.conf pre-parsing change

Bruce Momjian - CVS <momjian@hub.org> writes:

Load pg_hba.conf and pg_ident.conf on startup and SIGHUP into List of
Lists, and use that for user validation.

While this should be a nice speedup, it bothers me somewhat that the old
behavior of reacting immediately to pg_hba.conf and pg_ident.conf
updates has been changed. (And you didn't update the documentation to
say so --- tsk tsk.)

Oh, I didn't realize we documented that.

Would it make sense to do fstat calls on these files and reload whenever
we observe that the file modification time has changed? That'd be an
additional kernel call per connection attempt, so I'm not at all sure
I want to do it ... but it ought to be debated. Comments anyone?

We could, but we don't with postgresql.conf so it made sense to keep the
behavior the same for the two files.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
#4Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruce Momjian (#3)
Re: pg_hba.conf pre-parsing change

Bruce Momjian <pgman@candle.pha.pa.us> writes:

Would it make sense to do fstat calls on these files and reload whenever
we observe that the file modification time has changed? That'd be an
additional kernel call per connection attempt, so I'm not at all sure
I want to do it ... but it ought to be debated. Comments anyone?

We could, but we don't with postgresql.conf so it made sense to keep the
behavior the same for the two files.

I'm inclined to agree --- for one thing, this allows one to edit the
files in place without worrying that the postmaster will pick up a
partially-edited file. But I wanted to throw the issue out to pghackers
to see if anyone would be really unhappy about having to SIGHUP the
postmaster after changing the authorization conf files.

In any case, if we don't change the code, the change in behavior from
prior releases needs to be documented...

regards, tom lane

#5Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Tom Lane (#4)
Re: Re: pg_hba.conf pre-parsing change

Bruce Momjian <pgman@candle.pha.pa.us> writes:

Would it make sense to do fstat calls on these files and reload whenever
we observe that the file modification time has changed? That'd be an
additional kernel call per connection attempt, so I'm not at all sure
I want to do it ... but it ought to be debated. Comments anyone?

We could, but we don't with postgresql.conf so it made sense to keep the
behavior the same for the two files.

I'm inclined to agree --- for one thing, this allows one to edit the
files in place without worrying that the postmaster will pick up a
partially-edited file. But I wanted to throw the issue out to pghackers
to see if anyone would be really unhappy about having to SIGHUP the
postmaster after changing the authorization conf files.

OK.

In any case, if we don't change the code, the change in behavior from
prior releases needs to be documented...

You mean in the SGML or in the release highlight text?

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
#6Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Tom Lane (#4)
Re: Re: pg_hba.conf pre-parsing change

On Tuesday 31 July 2001 19:20, Tom Lane wrote:

Bruce Momjian <pgman@candle.pha.pa.us> writes:

We could, but we don't with postgresql.conf so it made sense to keep the
behavior the same for the two files.

I'm inclined to agree --- for one thing, this allows one to edit the
files in place without worrying that the postmaster will pick up a
partially-edited file. But I wanted to throw the issue out to pghackers
to see if anyone would be really unhappy about having to SIGHUP the
postmaster after changing the authorization conf files.

Hmmm...

I much prefer having to SIGHUP postmaster -- that is semistandard daemon
behavior, no? If enough people want the other behavior, add a
postgresql.conf setting to activate 'modification notification' for config
files.

If nothing else, an 'accidental' pg_hba.conf corruption, deletion, or
malicious change has to have a 'confirmation' step before a running
postmaster sees the changes.
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#7Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruce Momjian (#5)
Re: Re: pg_hba.conf pre-parsing change

Bruce Momjian <pgman@candle.pha.pa.us> writes:

In any case, if we don't change the code, the change in behavior from
prior releases needs to be documented...

You mean in the SGML or in the release highlight text?

Both. client_auth.sgml specifically states that editing the file is
sufficient to make changes, and I think that it'd better be mentioned
in the release notes too.

regards, tom lane

#8Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Tom Lane (#7)
Re: Re: pg_hba.conf pre-parsing change

Bruce Momjian <pgman@candle.pha.pa.us> writes:

In any case, if we don't change the code, the change in behavior from
prior releases needs to be documented...

You mean in the SGML or in the release highlight text?

Both. client_auth.sgml specifically states that editing the file is
sufficient to make changes, and I think that it'd better be mentioned
in the release notes too.

Got it, and pg_hba.conf talked about it too. Also, I added a mention
of SIGHUP to pg_ident.conf.sample.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
← Back to Topics