Re: [Ignor Whois] Re: Connect error - Mailing list pgsql-novice

From Bill Moseley
Subject Re: [Ignor Whois] Re: Connect error
Date
Msg-id 20040112182202.GF559@hank.org
Whole thread Raw
In response to Re: Connect error  (Bruno Wolff III <bruno@wolff.to>)
Responses Re: [Ignor Whois] Re: Connect error
List pgsql-novice
On Mon, Jan 12, 2004 at 11:57:42AM -0600, Bruno Wolff III wrote:
>
> Since sameuser is a special ident map you can't use it as a named map in
> the pg_ident.conf map.

I thought maybe the pg_ident.conf file was enough to simply say
"connections from www-data should be considered as coming from user
moseley" and then sameuser would work (i.e. www-data would be able to
connect to moseley's databases).

BTW -- when using a map like this that uses the ident service, what dsn
string is used when connecting?  (I'm using Perl, BTW.)

> > bumby:/etc/postgresql# fgrep testmap pg_hba.conf pg_ident.conf
> > pg_hba.conf:host    all         all         127.0.0.1         255.255.255.255   ident testmap
> > pg_ident.conf:testmap      moseley  www-data
> >
> > So I think I'm missing an important concept.
>
> I think you are pretty close. In the last case you enabled ident authentication
> using testmap for internet connections, but unless you did this for local
> connections (domain sockets) as well, it wouldn't apply since the way you
> are using psql will use a domain socket to connect (unless you have set
> the PGHOST environment variable).

You mean adding a "local" entry too?

host    all         all         127.0.0.1         255.255.255.255   ident testmap
local   all         all                                             ident testmap

bumby:/etc/postgresql$ psql newdb
psql: FATAL:  user "www-data" does not exist
bumby:/etc/postgresql$ psql -Umoseley newdb
psql: FATAL:  IDENT authentication failed for user "moseley"
bumby:/etc/postgresql$ psql -Uwww-data newdb
psql: FATAL:  user "www-data" does not exist

This is why I ended up creating a new database user with a password and then
granting access to ALL of my objects to the new database user.  And then
using that username/password in the connect string in the web
application.

Can I turn on debugging in Postgresql to see why it's failing?  That
would likely help resolve the problem.


--
Bill Moseley
moseley@hank.org


pgsql-novice by date:

Previous
From: Bruno Wolff III
Date:
Subject: Re: Connect error
Next
From: Bruno Wolff III
Date:
Subject: Re: [Ignor Whois] Re: Connect error