On Thu, Feb 11, 2010 at 17:21, Tom Lane
<tgl@sss.pgh.pa.us> wrote:
Bart Samwel <
bart@samwel.tk> writes:
> I've been working on a patch to add hostname support to pg_hba.conf.
Yes, mostly.
The previous discussions included all sorts of complex stuff such as wildcards. Personally, I'd think that in the cases where you'd want wildcards, then you should use IP / netmask configuration, because that's a way better indicator of "something that comes from the same source network entity". For instance, wildcards are nice for "all our own servers", except that you'd normally use IP / netmaks to indicate your own server subnet.
The way I see it, hostname based configuration should be plain and simple. You suggested in one of the earlier discussions that it should not be much more than removing the AI_NUMERICHOST hint in the lookup. My current solution is slightly more involved, since it performs the by-hostname lookup at check time, not at pg_hba.conf read time -- but there is not much more complexity involved. If there is a case for more complexity, then we will hear the actual use cases after this basic support is added, I guess.
Cheers,
Bart
