Postgres Pro
Downloads
Home   >   mailing lists

Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf - Mailing list pgsql-hackers

From Andrew Dunstan
Subject Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf
Date
Msg-id 4124E81F.50901@dunslane.net
Whole thread Raw
In response to Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf breaks  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-hackers
Tree view 

Tom Lane wrote:

>Andrew Dunstan <andrew@dunslane.net> writes:
>
>
>>At this stage of the game I would just change pg_hba.conf.sample to use
>>'127.0.0.1/32' instead of '127.0.0.1 255.255.255.255'.
>>
>>
>
>Yeah, that's probably the path of least resistance.  Note that the
>comments and possibly the SGML docs need to be adjusted to match,
>however, so it's not quite a one-liner.
>
>
>
>

I think the SGML is fine. Here's a patch for the sample file.

cheers

andrew
Index: src/backend/libpq/pg_hba.conf.sample
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.49
diff -c -r1.49 pg_hba.conf.sample
*** src/backend/libpq/pg_hba.conf.sample    1 Aug 2004 05:58:35 -0000    1.49
--- src/backend/libpq/pg_hba.conf.sample    19 Aug 2004 17:30:56 -0000
***************
*** 35,40 ****
--- 35,43 ----
  # encrypted passwords.  OPTION is the ident map or the name of the PAM
  # service.
  #
+ # Note: On some Solaris systems, an IP-MASK of 255.255.255.255 is known not to work.
+ # The corresponding CIDR-MASK of /32 does work.
+ #
  # Database and user names containing spaces, commas, quotes and other special
  # characters can be quoted. Quoting one of the keywords "all", "sameuser" or
  # "samegroup"  makes the name lose its special character, and just match a
***************
*** 49,56 ****
  # ----------------------------------
  #
  # If you want to allow non-local connections, you need to add more
! # "host" records.  Also, remember TCP/IP connections are only enabled
! # if you enable "tcpip_socket" in postgresql.conf.

  @authcomment@

--- 52,61 ----
  # ----------------------------------
  #
  # If you want to allow non-local connections, you need to add more
! # "host" records. In that case you will also need to make PostgreSQL listen
! # on a non-local interface via the listen_addresses configuration parameter, or
! # the -i or -h command line switches.
! #

  @authcomment@

***************
*** 58,63 ****

  local   all         all                                             @authmethod@
  # IPv4-style local connections:
! host    all         all         127.0.0.1         255.255.255.255   @authmethod@
  # IPv6-style local connections:
  host    all         all         ::1/128                             @authmethod@
--- 63,68 ----

  local   all         all                                             @authmethod@
  # IPv4-style local connections:
! host    all         all         127.0.0.1/32                        @authmethod@
  # IPv6-style local connections:
  host    all         all         ::1/128                             @authmethod@

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf breaks
Next
From: Joe Conway
Date:
Subject: repeatable system index corruption on 7.4.2