Search Postgresql Archives

auditing pg_hba.conf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

We manage hundreds of clusters and a handful of distinct pg_hba.conf files across several sites. We are mostly satisfied with our automated method of management, but on occasion, someone will hand edit a pg_hba.conf file, and some application will get locked out. This a bad. We'd like to be able to do a few things related to auditing pg_hba.conf:

1.  Store a copy of pg_hba.conf on server start or reload

2.  Have an audit trail that shows when particular rules were loaded.

3. Compare the contents of pg_hba.conf to the rules that are actually loaded.

4. Alert the DBA when the rules loaded differ from the file that was previously loaded.

We can accomplish #1 and #2 by having a shell command copy the file, or by storing rules in a db table. I'm not sure that #3 and #4 are possible until we accomplish #1. I'm not aware of any function or catalog table/view that stores pg_hba rules. I'm curious to know if anyone has any suggestions, or has solved a similar problem.

Best Regards,

JP

--
JP Fletcher
Database Administrator
Afilias Canada
voice: 416.646.3304 ext. 4123
fax: 416.646.3305
mobile: 416.561.4763
jpfletch@xxxxxxxxxxxxxxx



--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux