Re: Connect error - Mailing list pgsql-novice

From Russell Shaw
Subject Re: Connect error
Date
Msg-id 4003B78E.7030801@iprimus.com.au
Whole thread Raw
In response to Re: Connect error  (Bill Moseley <moseley@hank.org>)
List pgsql-novice
Bill Moseley wrote:
> On Tue, Jan 13, 2004 at 02:38:04PM +1100, Russell Shaw wrote:
>
>>In pg_ident.conf, i put:
>>
>>  # MAPNAME   IDENT-USERNAME  PG-USERNAME
>>  apache      www-data        russell
>>  apache      russell         russell
>>
>>This works:
>>  psql -U russell parts_list
>>
>>This doesn't:
>>  psql -U www-data parts_list
>>
>>It says: psql: FATAL:  IDENT authentication failed for user "www-data"
>
> I don't think that's how it works.  But, I'm just learning -- so I'll
> try and get it correct (but no guarantees).

Hi,
By a process of elimination, i think it works like this:

The script is:

   <?php
     $conn=pg_connect("dbname=parts_list user=russell");
     if(!$conn)
       exit(pg_result_error($conn));
   ?>

Apache accesses postgres postmaster saying it is russell (from the php
user=russell above). However, postmaster finds out by identd that the
process (apache) is user www-data. So, ident user www-data needs to be
mapped as postgres user russell in pg_ident.conf. I have in pg_hba.conf:

   # TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK           METHOD

   local   all         postgres                                        ident sameuser
   local   all         russell                                         ident apache
   host    all         russell     127.0.0.1         255.255.255.255   ident apache
   local   all         all                                             ident sameuser
   host    all         all         127.0.0.1         255.255.255.255   ident sameuser
   host    all         all         0.0.0.0           0.0.0.0           reject

pg_ident.conf:

   # MAPNAME   IDENT-USERNAME  PG-USERNAME
   apache      www-data        russell



pgsql-novice by date:

Previous
From: Bill Moseley
Date:
Subject: Re: Connect error
Next
From: Russell Shaw
Date:
Subject: Re: Connect error