[Dbconfig-common-devel] Re: Best practice for allowing access to a
postgres db
sean finney
seanius at debian.org
Sat Oct 1 14:07:32 UTC 2005
On Sat, Oct 01, 2005 at 03:52:16PM +0200, Martin Pitt wrote:
> > pg_test_hba --add --method ident dbname dbuser
> > pg_test_hba --add --ip w.x.y.z --method ident dbname dbuser
> > pg_test_hba --add --method md5 dbname dbuser
> > pg_test_hba --add --ip w.x.y.z --method md5 dbname dbuser
> > pg_test_hba --remove ...
>
> What is the purpose of --add/--remove?
with --add, pg_test_hba would base its exit status on whether the
line needed to be added, and vice versa for --remove (so when a package
is removed, the admin could ismilarly be prompted).
> My initial spec proposed that if --ip is not given, it defaults to
> lcoal Unix socket authentication. This should be consistent with
> pg_add_hba. What do you think?
yeah, that makes sense. we in mysql-land unfortunately do not have such
a distinction :)
sean
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/dbconfig-common-devel/attachments/20051001/ad9336a4/attachment.pgp
More information about the Dbconfig-common-devel
mailing list