* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > Alright, sorry to just jump in here in the middle, but I don't see why
> > pg_hba.conf couldn't be made to work just like pg_shadow (or rather,
> > pg_authid or whatever it is now :).
>
> (1) pg_hba.conf is fundamentally order-sensitive; SQL tables are
> fundamentally not. I think it would be a bad idea to try to make
> pg_hba.conf be an image of a SQL table.
You could, of course, have an 'order by' and a column which specifies
the ordering to be applied. I'm not entirely convinced pg_hba is best
as an ordered setup anyway, and this would perhaps be an opportunity to
move it from first-match to best-match.
> (2) You have to be able to edit pg_hba.conf manually before you start
> the server for the first time.
We could have a default setup and options to initdb to create it
correctly if you need something different initially. I'm not convinced
you couldn't have a decent default anyway though.
Thanks,
Stephen