Home > mailing lists

Re: BUG #5763: pg_hba.conf not honored - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: BUG #5763: pg_hba.conf not honored
Date	November 23, 2010 14:29:52
Msg-id	8761.1290526183@sss.pgh.pa.us Whole thread Raw
In response to	BUG #5763: pg_hba.conf not honored ("Kaiting Chen" <kaitocracy@gmail.com>)
Responses	Re: BUG #5763: pg_hba.conf not honored (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-bugs

Tree view

"Kaiting Chen" <kaitocracy@gmail.com> writes:
> From this pg_hba configuration as the user 'kaiting.chen' is not in role
> 'service' the second entry in the table should be skipped and he should
> authenticate via GSSAPI. However this does not happen.

I believe the definition of "in role" we use here is "has the privileges
of role".  Since kaiting.chen is a superuser, all privilege tests will
succeed for him, including that one.  IOW, a superuser is automatically
a member of every role.  This isn't a bug.

            regards, tom lane

pgsql-bugs by date:

From: Jon Nelson
Date: 23 November 2010, 13:37:11
Subject: Re: temporary tables, and lots of 0 byte files

From: Jonathan Pool
Date: 23 November 2010, 17:30:09
Subject: Documentation bug: Chapter 35.4, paragraph 4

Re: BUG #5763: pg_hba.conf not honored - Mailing list pgsql-bugs

Previous

Next