Problem with reloading groups in pg_hba.conf

I am adding users and groups to pg_hba.conf.  The coding is done but I
am stuck on a reload issue.

As you may know, 7.2 tokenizes pg_hba.conf once, and reads those tokens
to test every connection request.  I have added code to dump the
group/user mappings into global/pg_group and the postmaster can read
that file and substitute group names for users lists during
tokenization.

I have also added code to dump a new pg_group every time a group/user is
modified.  (Users have to be done because of user renaming.)

The problem is when to retokenize pg_hba.conf after a new pg_group is
made.  Seems I can either force administrators to 'pg_ctl reload' to
update for group changes, or automatically retokenize pg_hba.conf every
time I update pg_group.  (We don't have any way of handling user renames
in pg_hba.conf because we enter those as strings, but pg_group will
handle them.)

Does anyone see another option?  I can write code so only pg_global is
retokenized, but right now the user tokens are pulled out for the
matching group and inlined into the token stream.  If I have a separate
token tree for pg_group, each connection will have to spin through the
tokens looking for matching group names.  I suppose it isn't a big deal,
but I want to make sure we want to prevent auto-reloading of pg_hba.conf
on user/group changes, and just reload pg_group.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026