Thread: Linux user www-data has no access to amphora2 DB

Linux user www-data has no access to amphora2 DB

From
Denny-Schierz
Date:
Hi pgsql-admin,

 i want to install the amphora2 light groupware software under Debian Woody
 with pgsql 7.2.1. I have to restore a dump into the amphora2 DB that
 i created before.:
-----------------
testlinux:/home/amphora2/inst# su  www-data -s /bin/bash -c 'psql amphora2 < amphora2.0.dump'
-----------------

but postgres tells me:

-----------------
psql: FATAL 1:  IDENT authentication failed for user "www-data"
-----------------

my pg_hba.conf:

local        amphora2   ident           amphora
local        all                                           ident sameuser
host         all         127.0.0.1     255.0.0.0           ident sameuser
host         all         0.0.0.0       0.0.0.0             reject


--
Mit freundlichen Grüssen
Denny-Schierz                          mailto:cuall@gmx.de


Re: Linux user www-data has no access to amphora2 DB

From
David Stanaway
Date:
On Mon, 2002-04-22 at 12:32, Denny-Schierz wrote:
> Hi pgsql-admin,
>
>  i want to install the amphora2 light groupware software under Debian Woody
>  with pgsql 7.2.1. I have to restore a dump into the amphora2 DB that
>  i created before.:
> -----------------
> testlinux:/home/amphora2/inst# su  www-data -s /bin/bash -c 'psql amphora2 < amphora2.0.dump'
> -----------------
>
> but postgres tells me:


Does www-data exist as a postgres user?

I have tried to reproduce your problem, but I can't.

I don't have a password for www-data so I use sudo:

dstanawa@ciderbox:~$ sudo -u www-data psql -c "select version()"
template1
                                version
-----------------------------------------------------------------------
 PostgreSQL 7.2.1 on powerpc-unknown-linux-gnu, compiled by GCC 2.95.4
(1 row)

dstanawa@ciderbox:~$ tail -11 /etc/postgresql/pg_hba.conf
local        all                                           ident
sameuser
#host         all         127.0.0.1     255.0.0.0           trust
host         all         0.0.0.0       0.0.0.0             reject

# If you want to allow non-local connections, you will need to change
'reject'
# to 'crypt' or some other suitable authentication method.  (Debian
postgresql
# is not built with Kerberos authentication enabled.)
# To allow TCP/IP access, even from localhost, the postmaster must also
be
# started with the -i option or the option TCPIP_SOCKET must be set in
# /etc/postgresql/postgresql.conf.

dstanawa@ciderbox:~$ cat /etc/debian_version
3.0


> -----------------
> psql: FATAL 1:  IDENT authentication failed for user "www-data"
> -----------------
>
> my pg_hba.conf:
>
> local        amphora2   ident           amphora
> local        all                                           ident sameuser
> host         all         127.0.0.1     255.0.0.0           ident sameuser
> host         all         0.0.0.0       0.0.0.0             reject



Anyway.. you probably want to restore the database as a super user (EG:
User Postgres) The dump script should have

\connect - "www-data"
statements in it.   It also may have some
\connect - "postgresql"
statements too. which could cause problems as user www-data

--
David Stanaway



Attachment

Re: Linux user www-data has no access to amphora2 DB

From
Tom Lane
Date:
Denny-Schierz <cuall@gmx.de> writes:
> testlinux:/home/amphora2/inst# su  www-data -s /bin/bash -c 'psql amphora2 < amphora2.0.dump'
> psql: FATAL 1:  IDENT authentication failed for user "www-data"

> local        amphora2   ident           amphora
> local        all                                           ident sameuser
> host         all         127.0.0.1     255.0.0.0           ident sameuser
> host         all         0.0.0.0       0.0.0.0             reject

Did you provide an ident map called amphora?  If so, what users does it
accept?

I suspect you really want to remove that first pg_hba line, and let the
"ident sameuser" policy apply to local connections to all databases.

            regards, tom lane

Re: Linux user www-data has no access to amphora2 DB

From
Denny-Schierz
Date:
Guten Tag Tom Lane,

Am Montag, 22. April 2002 um 19:56 schrieben Sie:

TL> Denny-Schierz <cuall@gmx.de> writes:
>> testlinux:/home/amphora2/inst# su  www-data -s /bin/bash -c 'psql amphora2 < amphora2.0.dump'
>> psql: FATAL 1:  IDENT authentication failed for user "www-data"

>> local        amphora2   ident           amphora
>> local        all                                           ident sameuser
>> host         all         127.0.0.1     255.0.0.0           ident sameuser
>> host         all         0.0.0.0       0.0.0.0             reject

TL> Did you provide an ident map called amphora?  If so, what users does it
TL> accept?

TL> I suspect you really want to remove that first pg_hba line, and let the
TL> "ident sameuser" policy apply to local connections to all databases.

TL>                         regards, tom lane

 i did only this, what stands in the INSTALL (
 http://devel.itmeedia.ee/beta/INSTALL ) from amphopra, i never
 used postgres before. If i'm understand  the pg_ident.conf, it maps
 from the www-data user (unix user) to the amphora user (postgres in
 template 1). So i think, that the postgres user amphora has no rights
 to the amphora2DB, allright? How can i resolve it.?

 cu

--
Mit freundlichen Grüssen
Denny-Schierz                            mailto:cuall@gmx.de