Bruce,
* Bruce Momjian (br...@momjian.us) wrote:
On Tue, Dec 9, 2014 at 05:38:25PM -0500, Stephen Frost wrote:
My comment that include_realm is supported back to 8.4 was because there
is an expectation that a pg_hba.conf file can be used unchanged across
several major releases. So
Bruce, all,
* Bruce Momjian (br...@momjian.us) wrote:
On Tue, Dec 9, 2014 at 05:38:25PM -0500, Stephen Frost wrote:
My comment that include_realm is supported back to 8.4 was because there
is an expectation that a pg_hba.conf file can be used unchanged across
several major releases.
Bruce,
* Bruce Momjian (br...@momjian.us) wrote:
On Tue, Dec 9, 2014 at 05:38:25PM -0500, Stephen Frost wrote:
My comment that include_realm is supported back to 8.4 was because there
is an expectation that a pg_hba.conf file can be used unchanged across
several major releases. So
On Tue, Dec 9, 2014 at 05:38:25PM -0500, Stephen Frost wrote:
My comment that include_realm is supported back to 8.4 was because there
is an expectation that a pg_hba.conf file can be used unchanged across
several major releases. So when 9.5 comes out and people update their
pg_hba.conf
On Wed, Dec 10, 2014 at 4:53 AM, Bruce Momjian br...@momjian.us wrote:
On Tue, Dec 9, 2014 at 05:40:35PM -0500, Stephen Frost wrote:
I thought the idea was to backpatch documentation saying it's a good idea
to change this value to x because of y. Not actually referring to the
upcoming
On Tue, Dec 9, 2014 at 05:40:35PM -0500, Stephen Frost wrote:
I thought the idea was to backpatch documentation saying it's a good idea
to change this value to x because of y. Not actually referring to the
upcoming change directly. And I still think that part is a good idea, as it
helps
* Bruce Momjian (br...@momjian.us) wrote:
On Tue, Dec 9, 2014 at 05:40:35PM -0500, Stephen Frost wrote:
I thought the idea was to backpatch documentation saying it's a good idea
to change this value to x because of y. Not actually referring to the
upcoming change directly. And I still
On 12/9/14 5:40 PM, Stephen Frost wrote:
I agree with this but I don't really see why we wouldn't say hey, this
is going to change in 9.5.
Well, for one thing, we don't even know if it's going to be called 9.5. ;-)
And there is always a chance for a technical reason popping up that we
might
On 12/5/14 1:06 PM, Stephen Frost wrote:
I suggest we also backpatch some documentation suggesting that people
manually change the include_realm parameter (perhaps also with a note
saying that the default will change in 9.5).
I'll work on a patch for back-branches if everyone is alright with
On Dec 9, 2014 10:52 PM, Peter Eisentraut pete...@gmx.net wrote:
On 12/5/14 1:06 PM, Stephen Frost wrote:
I suggest we also backpatch some documentation suggesting that people
manually change the include_realm parameter (perhaps also with a note
saying that the default will change in
* Peter Eisentraut (pete...@gmx.net) wrote:
On 12/5/14 1:06 PM, Stephen Frost wrote:
I suggest we also backpatch some documentation suggesting that people
manually change the include_realm parameter (perhaps also with a note
saying that the default will change in 9.5).
I'll work on a
* Magnus Hagander (mag...@hagander.net) wrote:
On Dec 9, 2014 10:52 PM, Peter Eisentraut pete...@gmx.net wrote:
On 12/5/14 1:06 PM, Stephen Frost wrote:
I suggest we also backpatch some documentation suggesting that people
manually change the include_realm parameter (perhaps also with
* Magnus Hagander (mag...@hagander.net) wrote:
On Wed, Nov 26, 2014 at 8:01 PM, Stephen Frost sfr...@snowman.net wrote:
As such, I'd like to propose changing the default to be
'include_realm=1'.
Per our previous discussions, but to make sure it's also on record for
others, +1 for this
Greetings,
The include_realm default for GSSAPI and SSPI is currently
'include_realm=0', meaning that the realm is stripped off of the
Kerberos principal (aka the 'system' username) prior to looking up the
user in pg_authid.
This is fine in a single-realm environment but extremely
On 11/26/14 2:01 PM, Stephen Frost wrote:
As such, I'd like to propose changing the default to be
'include_realm=1'.
Sounds reasonable to me.
include_realm is supported back to 8.4, so affected users can set
include_realm=0 in their existing installations.
--
Sent via pgsql-hackers
* Peter Eisentraut (pete...@gmx.net) wrote:
On 11/26/14 2:01 PM, Stephen Frost wrote:
As such, I'd like to propose changing the default to be
'include_realm=1'.
Sounds reasonable to me.
include_realm is supported back to 8.4, so affected users can set
include_realm=0 in their
On Wed, Nov 26, 2014 at 8:01 PM, Stephen Frost sfr...@snowman.net wrote:
Greetings,
The include_realm default for GSSAPI and SSPI is currently
'include_realm=0', meaning that the realm is stripped off of the
Kerberos principal (aka the 'system' username) prior to looking up the
user
* Magnus Hagander (mag...@hagander.net) wrote:
On Wed, Nov 26, 2014 at 8:01 PM, Stephen Frost sfr...@snowman.net wrote:
This would be done for 9.5 and we would need to note it in the release
notes, of course.
I suggest we also backpatch some documentation suggesting that people
18 matches
Mail list logo
