blob: 5c0b97dacca4750b5a98dcd162a5acc7d5432504 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# This source code is released into the public domain.
#
# Postgres doesn't support any sort of defined ACL, so instead we just add
# hostssl entries for each prefix.
POSTGRES_FILE="/var/db/postgres/pg_hba.ldap"
POSTGRES_TEMP="${POSTGRES_FILE}.ldaptmp"
if [ ! -f "$POSTGRES_FILE" ]; then
exit 0
fi
awk <"$NETWORKS_FILE" >"$POSTGRES_TEMP" '{
print "hostssl all all " $1 " scram-sha-256"
}'
if cmp -s "$POSTGRES_TEMP" "$POSTGRES_FILE"; then
rm "$POSTGRES_TEMP"
exit 0
fi
printf '%s updated:\n\n' "$POSTGRES_FILE"
diff "$POSTGRES_FILE" "$POSTGRES_TEMP"
printf '\n'
mv "$POSTGRES_TEMP" "$POSTGRES_FILE"
/usr/sbin/service postgresql reload
|
