On Tue, Nov 17, 2015 at 9:37 AM, Peter Eisentraut <pete...@gmx.net> wrote: > On 11/16/15 2:37 AM, Haribabu Kommi wrote: >> On Mon, Nov 16, 2015 at 2:30 PM, Peter Eisentraut <pete...@gmx.net> wrote: >>> On 7/21/15 5:15 AM, Haribabu Kommi wrote: >>>> With the output of this view, administrator can identify the lines >>>> that are matching for the given >>>> criteria easily without going through the file. >>> >>> How is this useful? I could see the use if you want to debug cases of >>> user foo on host bar says they can't connect, but you can't impersonate >>> them to verify it. But then all you need is a function with a scalar >>> result, not a result set. >> >> Do you mean the function should return true or false based on the connection >> status with the provided arguments? >> >> I also feel difficult to understand the function result as compared to a >> view. > > An hba lookup is essentially a lookup by user name, database name, > client address, yielding an authentication method (possibly with > parameters). So I think this function should work that way as well: > arguments are user name, database name, and so on, and the return value > is an authentication method. Maybe it would be some kind of record, > with line number and some parameters. > > That would address the use case I put forth above. I don't know whether > that's what you were going for.
Thanks. Here I attached the poc patch that returns authentication method of the
first matched hba entry in pg_hba.conf with the given input values.
Currently these
functions returns text type. Based on the details required to be
printed, it can
be changed.
postgres=# select pg_hba_lookup('all', 'all');
pg_hba_lookup
---------------
trust
(1 row)
comments for the approach?
Regards,
Hari Babu
Fujitsu Australia
pg_hba_lookup_poc_v2.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
