Thread: Pg_dumpall problem[2]

Pg_dumpall problem[2]

From
James Hall
Date:
Since there were no replies to this, I did some testing w/pg_hba.conf since
I thought the problem might be there. I now have a question about
pg_hba.conf.

I need pg_hba.conf to allow local connections [via telnet for example] to
the database without requesting a password, but to request a password for
clients connecting via the web based front end. All clients are on the
172.X.X.X ip range.

My current pg_hba.conf shows:
Local        all       password
Host         all       172.0.0.0    255.255.255.255    password

If I change local from password to trust PG will allow any client accessing
the database from the web based front end in w/o a password.

I looked at the docs for more info on the local pg_hba.conf option, but
didn't find much to help. (PG version is 7.1)

The goal is to have cron run some backup scripts (to dump the databases
daily) without having to enter a password for the dumps.

Any assistance is appreciated!
Thanks,
-jim


-----Original Message-----
From: James Hall
Sent: Wednesday, February 05, 2003 2:34 PM
To: pgsql-general@postgresql.org
Subject: Pg_dumpall problem


Hello,

I am trying to use pg_dumpall to backup my databases, and it is failing.
The results of a attempted dumpall are below:

[postgres@rspde postgres]$ pg_dumpall > 020503.out
Password: psql: Password authentication failed for user 'postgres'
Password: Password: psql: Password authentication failed for user 'postgres'
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: psql: fe_sendauth: no password supplied
Password: Connection to database '' failed.
fe_sendauth: no password supplied

pg_dump failed on , exiting
---------------------------------------------------------------------

The version of Postgresql is 7.1 and all tables have owner postgres. The
password I supply is correct.

If anyone can shed any light on this problem, it would be greatly
appreciated.

TIA,
-jim


Re: Pg_dumpall problem[2]

From
Bruno Wolff III
Date:
On Thu, Feb 06, 2003 at 10:04:49 -0600,
  James Hall <James.Hall@RadioShack.com> wrote:
> Since there were no replies to this, I did some testing w/pg_hba.conf since
> I thought the problem might be there. I now have a question about
> pg_hba.conf.
>
> I need pg_hba.conf to allow local connections [via telnet for example] to
> the database without requesting a password, but to request a password for
> clients connecting via the web based front end. All clients are on the
> 172.X.X.X ip range.
>
> My current pg_hba.conf shows:
> Local        all       password
> Host         all       172.0.0.0    255.255.255.255    password

If supported by your OS use:
local all ident sameuser

Re: Pg_dumpall problem[2]

From
James Hall
Date:
Thank you very much for the reply.

I tried your suggestion, and my OS [RH7] must not support it, because that
setting would not allow any logins (local or TCP/IP). A telnet attempt
resulted in "missing or erroneous pg_hba.conf".

I know what I am trying to do is possible, because on postgresql 6.5 it
worked like a charm. Haven't been able to get it working since upgrading to
7.1.

Any other suggestions?
TIA!
-jim



-----Original Message-----
From: Bruno Wolff III [mailto:bruno@wolff.to]
Sent: Thursday, February 06, 2003 3:23 PM
To: James Hall
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] Pg_dumpall problem[2]


On Thu, Feb 06, 2003 at 10:04:49 -0600,
  James Hall <James.Hall@RadioShack.com> wrote:
> Since there were no replies to this, I did some testing w/pg_hba.conf
> since I thought the problem might be there. I now have a question
> about pg_hba.conf.
>
> I need pg_hba.conf to allow local connections [via telnet for example]
> to the database without requesting a password, but to request a
> password for clients connecting via the web based front end. All
> clients are on the 172.X.X.X ip range.
>
> My current pg_hba.conf shows:
> Local        all       password
> Host         all       172.0.0.0    255.255.255.255    password

If supported by your OS use:
local all ident sameuser

Re: Pg_dumpall problem[2]

From
Bruno Wolff III
Date:
On Thu, Feb 06, 2003 at 15:55:52 -0600,
  James Hall <James.Hall@RadioShack.com> wrote:
> Thank you very much for the reply.
>
> I tried your suggestion, and my OS [RH7] must not support it, because that
> setting would not allow any logins (local or TCP/IP). A telnet attempt
> resulted in "missing or erroneous pg_hba.conf".
>
> I know what I am trying to do is possible, because on postgresql 6.5 it
> worked like a charm. Haven't been able to get it working since upgrading to
> 7.1.

You shouldn't be using telnet to contact the database. What I assumed is
that you were telneting to the machine the database server was running on
and running psql to talk to the database.

The ident feature works on linux.

The syntax changed in 7.2 (I think), but your stuff looked like it was from
an earlier version.

You might want to repost what you ended up using as someone may be able to
spot something wrong.

Re: Pg_dumpall problem[2]

From
Shridhar Daithankar
Date:
On Thursday 06 February 2003 09:34 pm, you wrote:
> The goal is to have cron run some backup scripts (to dump the databases
> daily) without having to enter a password for the dumps.

Run psql script.  You can use PGPASSWORD environment variable. Search
archives. It has the references..

 HTH

 Shridhar

Re: Pg_dumpall problem[2]

From
Bruno Wolff III
Date:
On Fri, Feb 07, 2003 at 12:07:23 +0530,
  Shridhar Daithankar <shridhar_daithankar@persistent.co.in> wrote:
> On Thursday 06 February 2003 09:34 pm, you wrote:
> > The goal is to have cron run some backup scripts (to dump the databases
> > daily) without having to enter a password for the dumps.
>
> Run psql script.  You can use PGPASSWORD environment variable. Search
> archives. It has the references..

This isn't a good idea. If you are worried enough about local users
to use password authentication, you don't want to put passwords into
environment variables as on most unix systems they are visible to other
users.

Using ident authentication is a much better way to do this.

Re: Pg_dumpall problem[2]

From
Tom Lane
Date:
Bruno Wolff III <bruno@wolff.to> writes:
>> Run psql script.  You can use PGPASSWORD environment variable. Search
>> archives. It has the references..

> This isn't a good idea. If you are worried enough about local users
> to use password authentication, you don't want to put passwords into
> environment variables as on most unix systems they are visible to other
> users.

Yeah.  In 7.3, you can keep passwords in ~/.pgpass instead; much more secure.

            regards, tom lane