[Pgpool-hackers] Reload does not help if password file changed

Gurjeet Singh singh.gurjeet at gmail.com
Wed Sep 28 14:18:06 UTC 2011 

Hi Tatsuo,

    Any feedback on the correctness of the patch?

Thanks,

On Mon, Sep 26, 2011 at 10:18 PM, Gurjeet Singh <singh.gurjeet at gmail.com>wrote:

> Hi Tatsuo,
>
>     Please find an updated patch. I am now using strcmp() to check if we
> need to reopne the file, just like the code in main.c, instead of comparing
> the value with NULL.
>
> Regards,
>
>
> On Mon, Sep 26, 2011 at 9:57 PM, Tatsuo Ishii <ishii at sraoss.co.jp> wrote:
>
>> Thanks for report and patches. I will take care of this.
>> --
>> Tatsuo Ishii
>> SRA OSS, Inc. Japan
>> English: http://www.sraoss.co.jp/index_en.php
>> Japanese: http://www.sraoss.co.jp
>>
>> > Hi,
>> >
>> >     Maybe this is expected behaviour, but it definitely is not
>> desirable. If
>> > we add a new user:passwrod to the contents of pool_passwd file and send
>> a
>> > reload signal to pgpool, the child processes are still not able to honor
>> the
>> > new user and the trying to login using the new user causes error "MD5
>> > authentication failed..."
>> >
>> >     I have diagnosed it back to the fact that pgpool uses stdio.h
>> interface
>> > (FILE *) to access the pool_passwd file, and it reads the contents of
>> the
>> > file for every new login that requests MD5 authentication. The problem
>> with
>> > the stdio.h interface is that it caches the contents of the file and it
>> does
>> > not refresh the cache even when the contents of the file change on-disk,
>> so
>> > every time pgpool tries to read new user's password it does not see the
>> new
>> > entry and hence fails.
>> >
>> >     To be able to connect as the new user we have to either restart
>> pgpool
>> > or wait for a new child to be forked which will see the new contents of
>> the
>> > file. All of these problems also apply to the case where we might alter
>> the
>> > password of an existing user and update the md5 password in pool_passwd
>> > file.
>> >
>> >     I have attached a minimal patch to address this issue. In the patch,
>> we
>> > save the file path that was initially used to open the pool_passwd and
>> upon
>> > every reload the child closes and reopens the file so that the stdio.h
>> > interface does not show it cached data.
>> >
>> > Regards,
>> > --
>> > Gurjeet Singh
>> > EnterpriseDB Corporation
>> > The Enterprise PostgreSQL Company
>>
>
>
>
> --
> Gurjeet Singh
> EnterpriseDB Corporation
> The Enterprise PostgreSQL Company
>
>


-- 
Gurjeet Singh
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pgfoundry.org/pipermail/pgpool-hackers/attachments/20110928/4d9dc54b/attachment.html>

More information about the Pgpool-hackers mailing list