Home > mailing lists

unix_socket_group problem - Mailing list pgsql-admin

From	Joe Miller
Subject	unix_socket_group problem
Date	November 13, 2009 14:48:02
Msg-id	a7c175b20911130747n5b3a7d76ue721e95caa754a97@mail.gmail.com Whole thread Raw
Responses	Re: unix_socket_group problem (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-admin

Tree view

I have a PostgreSQL installation for which I would like to limit local domain socket access to the postgres user and members of the "myadmin" group. I've modified pg_hba.conf to trust local domain socket connections, and changed these settings in postgresql.conf:

unix_socket_group = 'myadmin'
unix_socket_permissions = 0770

Using these settings, attempting to login via psql using different accounts results in the following:

root:   connection refused
postgres: connection refused
myadmin: permission denied

When I look at the socket file in /tmp, I see the following:

srwx------ 1 postgres postgres    0 Nov 13 10:03 .s.PGSQL.5432

I thought by changing postresql.conf the way I have, this should appear as:

srwxrwx--- 1 postgres myadmin    0 Nov 13 10:03 .s.PGSQL.5432

What am I missing? I'm currently running 64-bit PostgreSQL 8.4.1 on Centos 5.4.

Thanks in advance,

Joe

pgsql-admin by date:

From: Tom Lane
Date: 12 November 2009, 19:58:18
Subject: Re: recovery is stuck when children are not processing SIGQUIT from previous crash

From: Tom Lane
Date: 13 November 2009, 15:47:48
Subject: Re: unix_socket_group problem

unix_socket_group problem - Mailing list pgsql-admin

Previous

Next