Re: Indent authentication overloading

On Fri, Mar 11, 2011 at 15:36, Peter Eisentraut <peter_e@gmx.net> wrote:
> On tor, 2011-03-10 at 22:45 +0100, Magnus Hagander wrote:
>> On Thu, Mar 10, 2011 at 22:22, Bruce Momjian <bruce@momjian.us> wrote:
>> >
>> > Added to TODO:
>> >
>> >        Rename unix domain socket 'ident' connections to 'peer', to avoid
>> >        confusion with TCP 'ident'
>>
>> Should we consider adding "peer" as an alias for "ident" already in
>> 9.1 (and change the default pg_hba.conf template), and then deprecate
>> ident for 9.2 and remove it in 9.3 or something? By adding the alias
>> now (yes, I know it's not in the last CF :P), we can move what's going
>> to be a long process up one release...
>
> Might as well, if you can get it done soon.  The documentation might
> need more extensive adjustments.

The code itself is pretty easy and localized, AFAICT. Attached is a
patch taht implements "peer" for local connections, and automatically
maps "ident" on local sockets to that (with a log message saying it
did).

If people want this to go in, I'll go over the documentation as well -
as you say, that might need some more changes, but we're not as
time-critical on that (meaning we can keep polishing it through beta).

Also, I'd like to get around to making "initdb -A ident" automatically
put "peer" for local sockets as well, which is not included in this
patch but should be a very simple change.

So. Thoughts?

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/