2015-02-27 22:26 GMT+01:00 Tom Lane <t...@sss.pgh.pa.us>: > Stephen Frost <sfr...@snowman.net> writes: > > Right, we also need a view (or function, or both) which provides what > > the *active* configuration of the running postmaster is. This is > > exactly what I was proposing (or what I was intending to, at least) with > > pg_hba_active, so, again, I think we're in agreement here. > > I think that's going to be a lot harder than you realize, and it will have > undesirable security implications, in that whatever you do to expose the > postmaster's internal state to backends will also make it visible to other > onlookers; not to mention probably adding new failure modes. >
we can do copy of pg_hba.conf somewhere when postmaster starts or when it is reloaded. Later, we can read this copy from child nodes. Is it a possibility? Regards Pavel > > There are also nontrivial semantic differences in this area between > Windows and other platforms (ie in an EXEC_BACKEND build the current file > contents *are* the active version). If you insist on two views you will > need to explain why/how they act differently on different platforms. > > I think the proposed mechanism (ie read and return the current contents of > the file) is just fine, and we should stop there rather than engineering > this to death. We've survived twenty years with *no* feature of this > sort, how is it suddenly essential that we expose postmaster internal > state? > > regards, tom lane >
