Thread: Pg_dumpall problem[2]
Since there were no replies to this, I did some testing w/pg_hba.conf since I thought the problem might be there. I now have a question about pg_hba.conf. I need pg_hba.conf to allow local connections [via telnet for example] to the database without requesting a password, but to request a password for clients connecting via the web based front end. All clients are on the 172.X.X.X ip range. My current pg_hba.conf shows: Local all password Host all 172.0.0.0 255.255.255.255 password If I change local from password to trust PG will allow any client accessing the database from the web based front end in w/o a password. I looked at the docs for more info on the local pg_hba.conf option, but didn't find much to help. (PG version is 7.1) The goal is to have cron run some backup scripts (to dump the databases daily) without having to enter a password for the dumps. Any assistance is appreciated! Thanks, -jim -----Original Message----- From: James Hall Sent: Wednesday, February 05, 2003 2:34 PM To: pgsql-general@postgresql.org Subject: Pg_dumpall problem Hello, I am trying to use pg_dumpall to backup my databases, and it is failing. The results of a attempted dumpall are below: [postgres@rspde postgres]$ pg_dumpall > 020503.out Password: psql: Password authentication failed for user 'postgres' Password: Password: psql: Password authentication failed for user 'postgres' Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: psql: fe_sendauth: no password supplied Password: Connection to database '' failed. fe_sendauth: no password supplied pg_dump failed on , exiting --------------------------------------------------------------------- The version of Postgresql is 7.1 and all tables have owner postgres. The password I supply is correct. If anyone can shed any light on this problem, it would be greatly appreciated. TIA, -jim
On Thu, Feb 06, 2003 at 10:04:49 -0600, James Hall <James.Hall@RadioShack.com> wrote: > Since there were no replies to this, I did some testing w/pg_hba.conf since > I thought the problem might be there. I now have a question about > pg_hba.conf. > > I need pg_hba.conf to allow local connections [via telnet for example] to > the database without requesting a password, but to request a password for > clients connecting via the web based front end. All clients are on the > 172.X.X.X ip range. > > My current pg_hba.conf shows: > Local all password > Host all 172.0.0.0 255.255.255.255 password If supported by your OS use: local all ident sameuser
Thank you very much for the reply. I tried your suggestion, and my OS [RH7] must not support it, because that setting would not allow any logins (local or TCP/IP). A telnet attempt resulted in "missing or erroneous pg_hba.conf". I know what I am trying to do is possible, because on postgresql 6.5 it worked like a charm. Haven't been able to get it working since upgrading to 7.1. Any other suggestions? TIA! -jim -----Original Message----- From: Bruno Wolff III [mailto:bruno@wolff.to] Sent: Thursday, February 06, 2003 3:23 PM To: James Hall Cc: pgsql-general@postgresql.org Subject: Re: [GENERAL] Pg_dumpall problem[2] On Thu, Feb 06, 2003 at 10:04:49 -0600, James Hall <James.Hall@RadioShack.com> wrote: > Since there were no replies to this, I did some testing w/pg_hba.conf > since I thought the problem might be there. I now have a question > about pg_hba.conf. > > I need pg_hba.conf to allow local connections [via telnet for example] > to the database without requesting a password, but to request a > password for clients connecting via the web based front end. All > clients are on the 172.X.X.X ip range. > > My current pg_hba.conf shows: > Local all password > Host all 172.0.0.0 255.255.255.255 password If supported by your OS use: local all ident sameuser
On Thu, Feb 06, 2003 at 15:55:52 -0600, James Hall <James.Hall@RadioShack.com> wrote: > Thank you very much for the reply. > > I tried your suggestion, and my OS [RH7] must not support it, because that > setting would not allow any logins (local or TCP/IP). A telnet attempt > resulted in "missing or erroneous pg_hba.conf". > > I know what I am trying to do is possible, because on postgresql 6.5 it > worked like a charm. Haven't been able to get it working since upgrading to > 7.1. You shouldn't be using telnet to contact the database. What I assumed is that you were telneting to the machine the database server was running on and running psql to talk to the database. The ident feature works on linux. The syntax changed in 7.2 (I think), but your stuff looked like it was from an earlier version. You might want to repost what you ended up using as someone may be able to spot something wrong.
On Thursday 06 February 2003 09:34 pm, you wrote: > The goal is to have cron run some backup scripts (to dump the databases > daily) without having to enter a password for the dumps. Run psql script. You can use PGPASSWORD environment variable. Search archives. It has the references.. HTH Shridhar
On Fri, Feb 07, 2003 at 12:07:23 +0530, Shridhar Daithankar <shridhar_daithankar@persistent.co.in> wrote: > On Thursday 06 February 2003 09:34 pm, you wrote: > > The goal is to have cron run some backup scripts (to dump the databases > > daily) without having to enter a password for the dumps. > > Run psql script. You can use PGPASSWORD environment variable. Search > archives. It has the references.. This isn't a good idea. If you are worried enough about local users to use password authentication, you don't want to put passwords into environment variables as on most unix systems they are visible to other users. Using ident authentication is a much better way to do this.
Bruno Wolff III <bruno@wolff.to> writes:
>> Run psql script. You can use PGPASSWORD environment variable. Search
>> archives. It has the references..
> This isn't a good idea. If you are worried enough about local users
> to use password authentication, you don't want to put passwords into
> environment variables as on most unix systems they are visible to other
> users.
Yeah. In 7.3, you can keep passwords in ~/.pgpass instead; much more secure.
regards, tom lane