Re: pg_hda.conf - Mailing list pgsql-novice
| From | Oliver Elphick |
|---|---|
| Subject | Re: pg_hda.conf |
| Date | |
| Msg-id | 1069508475.5767.313.camel@linda.lfix.co.uk Whole thread Raw |
| In response to | Re: pg_hda.conf (Bo Lorentsen <bl@netgroup.dk>) |
| Responses |
Re: pg_hda.conf
|
| List | pgsql-novice |
On Fri, 2003-11-21 at 23:47, Bo Lorentsen wrote: > On Fri, 2003-11-21 at 23:18, Oliver Elphick wrote: > > > Automatic update is now controlled by a debconf question; the default > > answer is no. > Ahh, then I just need to know how to turn this on, as I newer have > altered the debconf data manualy. As root: dpkg-reconfigure postgresql > Btw. I also did get some debconf warnings, but I did not store them > anywhere (as far as I know). Does it matter that I use your woody > packages on sarge (regarding debconf) ? I don't think so. > > Please show all the uncommented lines. Remember that the *first* match > > is what governs. If an earlier "ident sameuser" line has matched, your > > later additions will have no effect. > Thanks, but I tried to take this in account, but here goes : > > # DO NOT DISABLE! > # If you change this next entry you will need to make sure the postgres user > # can access the database using some other method. The postgres user needs > # non-interactive access to all databases during automatic maintenance > # (see the vacuum command and the /usr/lib/postgresql/bin/do.maintenance > # script). > local all postgres trust > local all all trust > host all all 127.0.0.1 255.255.255.255 trust > host all all 0.0.0.0 0.0.0.0 reject This certainly isn't the distributed file. What you have there should allow any user to connect on the local machine and change his identity at will. Is it this file that is giving you trouble? If this file is giving you ident errors, it cannot be the file the postmaster is using. The actual file read by the postmaster is in $PGDATA/pg_hba.conf. On Debian, that should be a symbolic link to /etc/postgresql/pg_hba.conf. If the link has been broken, no amount of editing the wrong file will fix things! > > If the old pg_hba.conf was different, the resulting behaviour would > > probably be different. What changes were there between the old and the > > new? (If you had "ident sameuser" in 7.3 (or earlier) you would never > > have been able to switch identities -- this has not changed between > > versions.) > Hmm, no changes was really made, but the old file was overwritten, so I > made a new one that contained what was needed (or at least what was what > I hoped for), and it looks like the old one :-) This is the distributed file: # DO NOT DISABLE! # If you change this first entry you will need to make sure the postgres user # can access the database using some other method. The postgres user needs # non-interactive access to all databases during automatic maintenance # (see the vacuum command and the /usr/lib/postgresql/bin/do.maintenance # script). # # TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD # Database administrative login by UNIX sockets local all postgres ident sameuser # # All other connections by UNIX sockets local all all ident sameuser # # All IPv4 connections from localhost host all all 127.0.0.1 255.255.255.255 ident sameuser # # All IPv6 localhost connections host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ident sameuser host all all ::ffff:127.0.0.1/128 ident sameuser # # reject all other connection attempts host all all 0.0.0.0 0.0.0.0 reject To allow "www-data" to connect and change identity to "wiki" you would need to change "sameuser" to a map name and put an associated entry in pg_ident.conf. See the manual for details. -- Oliver Elphick Oliver.Elphick@lfix.co.uk Isle of Wight, UK http://www.lfix.co.uk/oliver GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C ======================================== "Can two walk together, except they be agreed?" Amos 3:3
pgsql-novice by date: