Re: Open 7.3 items

Bruce Momjian <pgman@candle.pha.pa.us>

From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Bruce Momjian <pgman@candle.pha.pa.us>
Cc: Lamar Owen <lamar.owen@wgcr.org>, "Marc G. Fournier" <scrappy@hub.org>, Peter Eisentraut <peter_e@gmx.net>, Ron Snyder <snyder@roguewave.com>, Neil Conway <nconway@klamath.dyndns.org>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2002-08-14T01:36:43Z
Lists: pgsql-hackers

Attachments

OK, here is the patch to implement db_user_namespace.  It includes
documentation.

I had to add to initdb to create a file /data/PG_INSTALLER and have the
postmaster read that on startup to determine the installing user.

---------------------------------------------------------------------------

Bruce Momjian wrote:
> 
> I would like to address this email.  
> 
> Lamar is mentioning that it is unfair to remove a feature without
> warning.
> 
> Let me give a little history.  The secondary password file was created
> at a time when we didn't encrypt with random salt over the wire, and we
> had people who wanted to share their /etc/passwd file with PostgreSQL.
> 
> Later, people wanted to use the secondary password file for just
> usernames, so you could list usernames in the file and limit db access
> by user.  This is the current usage for 99% of secondary password users.
> This capability is better served in 7.3 with the new USER column in
> pg_shadow and the ability to specify filenames or groups in that file. 
> Keeping the secondary password file to specify a user list while a new
> USER column exists in 7.3 is just confusing to administrators.  Our
> pg_hba.conf system is pretty complex, so anything we can do to simplify
> helps.
> 
> Now, on to Marc's case, where he does use the file for usernames _and_
> passwords.  However, he is using it only so he can have more than one
> person with the same username and restrict access based on the password
> in the secondary password file.  While this does work, my submitted
> patch makes this much easier and cleaner.
> 
> Marc had mentioned that this should be an initdb flag.  However, our
> standard procedure is to put stuff in initdb only when it can't be
> changed after initdb.  While strange, this feature can be
> enabled-disabled after initdb.  A quick update of pg_shadow can change
> usernames and you can go in and out of this mode.
> 
> Someone talked about pushing this capability into a separate pg_shadow
> column, and making CREATE/ALTER user and createuser aware of this. 
> While this can be done, and it sort of becomes user schemas, there isn't
> enough people wanting this to add complexity to those commands.  A GUC
> flag will meet most peoples needs at this point.
> 
> Some mentioned using user@dbname, though the idea of sorting made
> several recant their votes.
> 
> So, based on the voting, I think dbname.username is an agreed-upon
> feature addition for 7.3.  I will work on a final patch with
> documentation and post it to the patches list for more comment.
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073