diff options
| author | Lexi Winter <lexi@le-fay.org> | 2025-07-22 08:57:54 +0100 |
|---|---|---|
| committer | Lexi Winter <lexi@le-fay.org> | 2025-07-22 08:57:54 +0100 |
| commit | 529a94419e99c8bc81303d6a423be87c5c87c2b5 (patch) | |
| tree | bed453a7dea7ecc13bad175abaf6c3b18ae3e778 /postgres.sh | |
| parent | ab97b60b8f36ea153d4f29a3c5519bdb340661d2 (diff) | |
| download | lfldap-1.5.tar.gz lfldap-1.5.tar.bz2 | |
add a hook for postgresv1.5
Diffstat (limited to 'postgres.sh')
| -rw-r--r-- | postgres.sh | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/postgres.sh b/postgres.sh new file mode 100644 index 0000000..5c0b97d --- /dev/null +++ b/postgres.sh @@ -0,0 +1,27 @@ +# This source code is released into the public domain. +# +# Postgres doesn't support any sort of defined ACL, so instead we just add +# hostssl entries for each prefix. + +POSTGRES_FILE="/var/db/postgres/pg_hba.ldap" +POSTGRES_TEMP="${POSTGRES_FILE}.ldaptmp" + +if [ ! -f "$POSTGRES_FILE" ]; then + exit 0 +fi + +awk <"$NETWORKS_FILE" >"$POSTGRES_TEMP" '{ + print "hostssl all all " $1 " scram-sha-256" +}' + +if cmp -s "$POSTGRES_TEMP" "$POSTGRES_FILE"; then + rm "$POSTGRES_TEMP" + exit 0 +fi + +printf '%s updated:\n\n' "$POSTGRES_FILE" +diff "$POSTGRES_FILE" "$POSTGRES_TEMP" +printf '\n' + +mv "$POSTGRES_TEMP" "$POSTGRES_FILE" +/usr/sbin/service postgresql reload |