Thread: pg_hba.conf change in 7.4
Hi,
In 7.4, I noticed there is this ::1 and ffff: (x8 of them)
for IPv6.
I looked at the documentation and there is nothing that says
what the ::1 is for.
Commenting out that line will prevent access to PostgreSQL
from psql unless I put trust for that line.
This is what I had in 7.3.4:
host all all 127.0.0.1 255.255.255.255
ident pspmap
local all all password
host all all 0.0.0.0 0.0.0.0 reject
But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere.
If I change the line with ::1 from trust to ident pspmap, it complains that
the user cannot be found. But it is in the pspmap. Message fromm psql:
psql: FATAL: IDENT authentication failed for user "postgres"
Right now, I have it set to trust to work around.
Any idea what to do about this ?
host all all 127.0.0.1 255.255.255.255
ident pspmap
local all all password
host all all 0.0.0.0 0.0.0.0 reject
# IPv4-style local connections:
#host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
host all all ::1
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
Thanks.
Gan
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
Seum-Lim Gan wrote: > Hi, > > In 7.4, I noticed there is this ::1 and ffff: (x8 of them) > for IPv6. > > I looked at the documentation and there is nothing that says > what the ::1 is for. The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost). > Commenting out that line will prevent access to PostgreSQL > from psql unless I put trust for that line. > > This is what I had in 7.3.4: > host all all 127.0.0.1 255.255.255.255 > ident pspmap > local all all password > host all all 0.0.0.0 0.0.0.0 reject > > But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere. > If I change the line with ::1 from trust to ident pspmap, it complains that > the user cannot be found. But it is in the pspmap. Message fromm psql: Seems you have an OS that makes all connections IPv6, even IPv4 ones. That is why we had to have that line in there. Seems ::1 controls your local connections on that platform. Some platforms have distinct IPv4 and IPv6 connections, so we have to include both lines in the file. > Right now, I have it set to trust to work around. > Any idea what to do about this ? > > host all all 127.0.0.1 255.255.255.255 > ident pspmap > local all all password > host all all 0.0.0.0 0.0.0.0 reject > # IPv4-style local connections: > #host all all 127.0.0.1 255.255.255.255 trust > # IPv6-style local connections: > host all all ::1 > ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust Yea, that's about it. My guess is that nothing is coming in via IPv4 on your machine so 127.0.0.1 does nothing. Perhaps netstat will show the IP address family used. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Hi Bruce,
Thanks for the info.
I captured the netstat output below.
Looks like there is a bunch of IPv4 being used.
Any idea how this can be resolved ?
Thanks.
Gan
UDP: IPv6
Local Address Remote Address
State If
--------------------------------- ---------------------------------
---------- -----
localhost.35847 localhost.35847 Connected
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
localhost.32906 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32906 49152 0 49152 0 ESTABLISHED
localhost.32908 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32908 49152 0 49152 0 ESTABLISHED
localhost.32910 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32910 49152 0 49152 0 ESTABLISHED
localhost.32911 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32911 49152 0 49152 0 ESTABLISHED
localhost.32913 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32913 49152 0 49152 0 ESTABLISHED
localhost.32915 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32915 49152 0 49152 0 ESTABLISHED
localhost.32917 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32917 49152 0 49152 0 ESTABLISHED
localhost.32919 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32919 49152 0 49152 0 ESTABLISHED
localhost.32920 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32920 49152 0 49152 0 ESTABLISHED
localhost.32922 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32922 49152 0 49152 0 ESTABLISHED
localhost.32923 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32923 49152 0 49152 0 ESTABLISHED
localhost.32924 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32924 49152 0 49152 0 ESTABLISHED
localhost.32926 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32926 49152 0 49152 0 ESTABLISHED
localhost.32927 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32927 49152 0 49152 0 ESTABLISHED
localhost.33086 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.33086 49152 0 49152 0 ESTABLISHED
localhost.33087 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.33087 49152 0 49152 0 ESTABLISHED
localhost.50882 localhost.14502 49152 0 49152 0 ESTABLISHED
localhost.14502 localhost.50882 49152 0 49152 0 ESTABLISHED
localhost.50883 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.50883 49152 0 49152 0 ESTABLISHED
At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote:
>Seum-Lim Gan wrote:
>> Hi,
>>
>> In 7.4, I noticed there is this ::1 and ffff: (x8 of them)
>> for IPv6.
>>
>> I looked at the documentation and there is nothing that says
>> what the ::1 is for.
>
>The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost).
>
>> Commenting out that line will prevent access to PostgreSQL
>> from psql unless I put trust for that line.
>>
>> This is what I had in 7.3.4:
>> host all all 127.0.0.1 255.255.255.255
> > ident pspmap
>> local all all password
>> host all all 0.0.0.0 0.0.0.0 reject
>>
>> But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere.
>> If I change the line with ::1 from trust to ident pspmap, it complains that
>> the user cannot be found. But it is in the pspmap. Message fromm psql:
>
>Seems you have an OS that makes all connections IPv6, even IPv4 ones.
>That is why we had to have that line in there. Seems ::1 controls your
>local connections on that platform. Some platforms have distinct IPv4
>and IPv6 connections, so we have to include both lines in the file.
>
>> Right now, I have it set to trust to work around.
>> Any idea what to do about this ?
>>
>> host all all 127.0.0.1 255.255.255.255
>> ident pspmap
>> local all all password
>> host all all 0.0.0.0 0.0.0.0 reject
>> # IPv4-style local connections:
>> #host all all 127.0.0.1 255.255.255.255 trust
>> # IPv6-style local connections:
>> host all all ::1
>> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
>
>Yea, that's about it. My guess is that nothing is coming in via IPv4 on
>your machine so 127.0.0.1 does nothing. Perhaps netstat will show the
>IP address family used.
>
>--
> Bruce Momjian | http://candle.pha.pa.us
> pgman@candle.pha.pa.us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square, Pennsylvania 19073
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
I think what happens is that when we listen on IPv4 and IPv6, that all connections get IPv6. What OS are you using? --------------------------------------------------------------------------- Seum-Lim Gan wrote: > Hi Bruce, > > Thanks for the info. > I captured the netstat output below. > > Looks like there is a bunch of IPv4 being used. > > Any idea how this can be resolved ? > > Thanks. > > Gan > > UDP: IPv6 > Local Address Remote Address > State If > --------------------------------- --------------------------------- > ---------- ----- > localhost.35847 localhost.35847 Connected > > TCP: IPv4 > Local Address Remote Address Swind Send-Q Rwind Recv-Q State > -------------------- -------------------- ----- ------ ----- ------ ------- > localhost.32906 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32906 49152 0 49152 0 ESTABLISHED > localhost.32908 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32908 49152 0 49152 0 ESTABLISHED > localhost.32910 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32910 49152 0 49152 0 ESTABLISHED > localhost.32911 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32911 49152 0 49152 0 ESTABLISHED > localhost.32913 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32913 49152 0 49152 0 ESTABLISHED > localhost.32915 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32915 49152 0 49152 0 ESTABLISHED > localhost.32917 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32917 49152 0 49152 0 ESTABLISHED > localhost.32919 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32919 49152 0 49152 0 ESTABLISHED > localhost.32920 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32920 49152 0 49152 0 ESTABLISHED > localhost.32922 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32922 49152 0 49152 0 ESTABLISHED > localhost.32923 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32923 49152 0 49152 0 ESTABLISHED > localhost.32924 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32924 49152 0 49152 0 ESTABLISHED > localhost.32926 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32926 49152 0 49152 0 ESTABLISHED > localhost.32927 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.32927 49152 0 49152 0 ESTABLISHED > localhost.33086 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.33086 49152 0 49152 0 ESTABLISHED > localhost.33087 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.33087 49152 0 49152 0 ESTABLISHED > localhost.50882 localhost.14502 49152 0 49152 0 ESTABLISHED > localhost.14502 localhost.50882 49152 0 49152 0 ESTABLISHED > localhost.50883 localhost.14500 49152 0 49152 0 ESTABLISHED > localhost.14500 localhost.50883 49152 0 49152 0 ESTABLISHED > > At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote: > >Seum-Lim Gan wrote: > >> Hi, > >> > >> In 7.4, I noticed there is this ::1 and ffff: (x8 of them) > >> for IPv6. > >> > >> I looked at the documentation and there is nothing that says > >> what the ::1 is for. > > > >The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost). > > > >> Commenting out that line will prevent access to PostgreSQL > >> from psql unless I put trust for that line. > >> > >> This is what I had in 7.3.4: > >> host all all 127.0.0.1 255.255.255.255 > > > ident pspmap > >> local all all password > >> host all all 0.0.0.0 0.0.0.0 reject > >> > >> But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere. > >> If I change the line with ::1 from trust to ident pspmap, it complains that > >> the user cannot be found. But it is in the pspmap. Message fromm psql: > > > >Seems you have an OS that makes all connections IPv6, even IPv4 ones. > >That is why we had to have that line in there. Seems ::1 controls your > >local connections on that platform. Some platforms have distinct IPv4 > >and IPv6 connections, so we have to include both lines in the file. > > > >> Right now, I have it set to trust to work around. > >> Any idea what to do about this ? > >> > >> host all all 127.0.0.1 255.255.255.255 > >> ident pspmap > >> local all all password > >> host all all 0.0.0.0 0.0.0.0 reject > >> # IPv4-style local connections: > >> #host all all 127.0.0.1 255.255.255.255 trust > >> # IPv6-style local connections: > >> host all all ::1 > >> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust > > > >Yea, that's about it. My guess is that nothing is coming in via IPv4 on > >your machine so 127.0.0.1 does nothing. Perhaps netstat will show the > >IP address family used. > > > >-- > > Bruce Momjian | http://candle.pha.pa.us > > pgman@candle.pha.pa.us | (610) 359-1001 > > + If your life is a hard drive, | 13 Roberts Road > > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 > > > -- > +--------------------------------------------------------+ > | Seum-Lim GAN email : slgan@lucent.com | > | Lucent Technologies | > | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | > | Naperville, IL 60566, USA. fax : (630)-713-7272 | > | web : http://inuweb.ih.lucent.com/~slgan | > +--------------------------------------------------------+ > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Hi Bruce, We are using Sun Solaris 9 on Sparc. uname -a : SunOS test01 5.9 Generic_112233-04 sun4u sparc SUNW,Ultra-80 Gan At 12:29 pm -0500 2003/11/20, Bruce Momjian wrote: >I think what happens is that when we listen on IPv4 and IPv6, that all >connections get IPv6. What OS are you using? > >--------------------------------------------------------------------------- > >Seum-Lim Gan wrote: >> Hi Bruce, >> >> Thanks for the info. >> I captured the netstat output below. >> >> Looks like there is a bunch of IPv4 being used. >> >> Any idea how this can be resolved ? >> >> Thanks. >> >> Gan >> >> UDP: IPv6 >> Local Address Remote Address >> State If >> --------------------------------- --------------------------------- >> ---------- ----- >> localhost.35847 localhost.35847 >>Connected >> >> TCP: IPv4 >> Local Address Remote Address Swind Send-Q Rwind Recv-Q State >> -------------------- -------------------- ----- ------ ----- ------ ------- >> localhost.32906 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32906 49152 0 49152 >>0 ESTABLISHED >> localhost.32908 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32908 49152 0 49152 >>0 ESTABLISHED >> localhost.32910 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32910 49152 0 49152 >>0 ESTABLISHED >> localhost.32911 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32911 49152 0 49152 >>0 ESTABLISHED >> localhost.32913 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32913 49152 0 49152 >>0 ESTABLISHED >> localhost.32915 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32915 49152 0 49152 >>0 ESTABLISHED >> localhost.32917 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32917 49152 0 49152 >>0 ESTABLISHED >> localhost.32919 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32919 49152 0 49152 >>0 ESTABLISHED >> localhost.32920 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32920 49152 0 49152 >>0 ESTABLISHED >> localhost.32922 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32922 49152 0 49152 >>0 ESTABLISHED >> localhost.32923 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32923 49152 0 49152 >>0 ESTABLISHED >> localhost.32924 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32924 49152 0 49152 >>0 ESTABLISHED >> localhost.32926 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32926 49152 0 49152 >>0 ESTABLISHED >> localhost.32927 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32927 49152 0 49152 >>0 ESTABLISHED >> localhost.33086 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.33086 49152 0 49152 >>0 ESTABLISHED >> localhost.33087 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.33087 49152 0 49152 >>0 ESTABLISHED >> localhost.50882 localhost.14502 49152 0 49152 >>0 ESTABLISHED >> localhost.14502 localhost.50882 49152 0 49152 >>0 ESTABLISHED >> localhost.50883 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.50883 49152 0 49152 >>0 ESTABLISHED > > >> At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote: >> >Seum-Lim Gan wrote: >> >> Hi, >> >> >> >> In 7.4, I noticed there is this ::1 and ffff: (x8 of them) >> >> for IPv6. >> >> >> >> I looked at the documentation and there is nothing that says >> >> what the ::1 is for. >> > >> >The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost). >> > >> >> Commenting out that line will prevent access to PostgreSQL >> >> from psql unless I put trust for that line. >> >> >> >> This is what I had in 7.3.4: >> >> host all all 127.0.0.1 255.255.255.255 >> > > ident pspmap >> >> local all all >>password >> >> host all all 0.0.0.0 0.0.0.0 reject >> >> >> >> But in 7.4, it does not work anymore. It seems to want ::1 to >>be somewhere. >> >> If I change the line with ::1 from trust to ident pspmap, it >>complains that >> >> the user cannot be found. But it is in the pspmap. Message fromm psql: >> > >> >Seems you have an OS that makes all connections IPv6, even IPv4 ones. >> >That is why we had to have that line in there. Seems ::1 controls your >> >local connections on that platform. Some platforms have distinct IPv4 >> >and IPv6 connections, so we have to include both lines in the file. >> > >> >> Right now, I have it set to trust to work around. >> >> Any idea what to do about this ? >> >> >> >> host all all 127.0.0.1 255.255.255.255 >> >> ident pspmap >> >> local all all >>password >> >> host all all 0.0.0.0 0.0.0.0 reject >> >> # IPv4-style local connections: >> >> #host all all 127.0.0.1 >>255.255.255.255 trust >> >> # IPv6-style local connections: >> >> host all all ::1 >> >> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust >> > >> >Yea, that's about it. My guess is that nothing is coming in via IPv4 on >> >your machine so 127.0.0.1 does nothing. Perhaps netstat will show the > > >IP address family used. -- +--------------------------------------------------------+ | Seum-Lim GAN email : slgan@lucent.com | | Lucent Technologies | | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | | Naperville, IL 60566, USA. fax : (630)-713-7272 | | web : http://inuweb.ih.lucent.com/~slgan | +--------------------------------------------------------+
Hi Bruce,
I wonder if there is any recommendation to this ?
Is there a way to configure PostgreSQL to not use
IPv6 ?
We are also wonder if there is a version of Ident server
that the PostgreSQL community knows that will work
with IPv6.
Thanks.
Gan
At 11:37 am -0600 2003/11/20, Seum-Lim Gan wrote:
Hi Bruce,
We are using Sun Solaris 9 on Sparc. uname -a :
SunOS test01 5.9 Generic_112233-04 sun4u sparc SUNW,Ultra-80
Gan
At 12:29 pm -0500 2003/11/20, Bruce Momjian wrote:I think what happens is that when we listen on IPv4 and IPv6, that all
connections get IPv6. What OS are you using?
---------------------------------------------------------------------------
Seum-Lim Gan wrote:
> Hi Bruce,
>
> Thanks for the info.
> I captured the netstat output below.
>
> Looks like there is a bunch of IPv4 being used.
>
> Any idea how this can be resolved ?
>
> Thanks.
>
> Gan
>
> UDP: IPv6
> Local Address Remote Address
> State If
> --------------------------------- ---------------------------------
> ---------- -----
> localhost.35847 localhost.35847 Connected
>
> TCP: IPv4
> Local Address Remote Address Swind Send-Q Rwind Recv-Q State
> -------------------- -------------------- ----- ------ ----- ------ -------
> localhost.32906 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32906 49152 0 49152 0 ESTABLISHED
> localhost.32908 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32908 49152 0 49152 0 ESTABLISHED
> localhost.32910 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32910 49152 0 49152 0 ESTABLISHED
> localhost.32911 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32911 49152 0 49152 0 ESTABLISHED
> localhost.32913 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32913 49152 0 49152 0 ESTABLISHED
> localhost.32915 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32915 49152 0 49152 0 ESTABLISHED
> localhost.32917 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32917 49152 0 49152 0 ESTABLISHED
> localhost.32919 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32919 49152 0 49152 0 ESTABLISHED
> localhost.32920 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32920 49152 0 49152 0 ESTABLISHED
> localhost.32922 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32922 49152 0 49152 0 ESTABLISHED
> localhost.32923 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32923 49152 0 49152 0 ESTABLISHED
> localhost.32924 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32924 49152 0 49152 0 ESTABLISHED
> localhost.32926 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32926 49152 0 49152 0 ESTABLISHED
> localhost.32927 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.32927 49152 0 49152 0 ESTABLISHED
> localhost.33086 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.33086 49152 0 49152 0 ESTABLISHED
> localhost.33087 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.33087 49152 0 49152 0 ESTABLISHED> localhost.50882 localhost.14502 49152 0 49152 0 ESTABLISHED
> localhost.14502 localhost.50882 49152 0 49152 0 ESTABLISHED
> localhost.50883 localhost.14500 49152 0 49152 0 ESTABLISHED
> localhost.14500 localhost.50883 49152 0 49152 0 ESTABLISHED
>
> At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote:
> >Seum-Lim Gan wrote:
> >> Hi,
> >>
> >> In 7.4, I noticed there is this ::1 and ffff: (x8 of them)
> >> for IPv6.
> >>
> >> I looked at the documentation and there is nothing that says
> >> what the ::1 is for.
> >
> >The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost).
> >
> >> Commenting out that line will prevent access to PostgreSQL
> >> from psql unless I put trust for that line.
> >>
> >> This is what I had in 7.3.4:
> >> host all all 127.0.0.1 255.255.255.255
> > > ident pspmap
> >> local all all password
> >> host all all 0.0.0.0 0.0.0.0 reject
> >>
> >> But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere.
> >> If I change the line with ::1 from trust to ident pspmap, it complains that
> >> the user cannot be found. But it is in the pspmap. Message fromm psql:
> >
> >Seems you have an OS that makes all connections IPv6, even IPv4 ones.
> >That is why we had to have that line in there. Seems ::1 controls your
> >local connections on that platform. Some platforms have distinct IPv4
> >and IPv6 connections, so we have to include both lines in the file.
> >
> >> Right now, I have it set to trust to work around.
> >> Any idea what to do about this ?
> >>
> >> host all all 127.0.0.1 255.255.255.255
> >> ident pspmap
> >> local all all password
> >> host all all 0.0.0.0 0.0.0.0 reject
> >> # IPv4-style local connections:
> >> #host all all 127.0.0.1 255.255.255.255 trust
> >> # IPv6-style local connections:
> >> host all all ::1
> >> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
> >
> >Yea, that's about it. My guess is that nothing is coming in via IPv4 on
> >your machine so 127.0.0.1 does nothing. Perhaps netstat will show the> >IP address family used.
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
[ Original email attached.] > I wonder if there is any recommendation to this ? > Is there a way to configure PostgreSQL to not use > IPv6 ? I don't know what you want us to do about it? Your OS is accepting all connections as IPv6, so you have to control that with IPv6 addresses in pg_hba.conf. > We are also wonder if there is a version of Ident server > that the PostgreSQL community knows that will work > with IPv6. That is the big question. I would think Solaris ships with one, but maybe not. Is 7.4/Solaris/ident not a workable combination? Folks? --------------------------------------------------------------------------- pgman wrote: > Seum-Lim Gan wrote: > > Hi, > > > > In 7.4, I noticed there is this ::1 and ffff: (x8 of them) > > for IPv6. > > > > I looked at the documentation and there is nothing that says > > what the ::1 is for. > > The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost). > > > Commenting out that line will prevent access to PostgreSQL > > from psql unless I put trust for that line. > > > > This is what I had in 7.3.4: > > host all all 127.0.0.1 255.255.255.255 > > ident pspmap > > local all all password > > host all all 0.0.0.0 0.0.0.0 reject > > > > But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere. > > If I change the line with ::1 from trust to ident pspmap, it complains that > > the user cannot be found. But it is in the pspmap. Message fromm psql: > > Seems you have an OS that makes all connections IPv6, even IPv4 ones. > That is why we had to have that line in there. Seems ::1 controls your > local connections on that platform. Some platforms have distinct IPv4 > and IPv6 connections, so we have to include both lines in the file. > > > Right now, I have it set to trust to work around. > > Any idea what to do about this ? > > > > host all all 127.0.0.1 255.255.255.255 > > ident pspmap > > local all all password > > host all all 0.0.0.0 0.0.0.0 reject > > # IPv4-style local connections: > > #host all all 127.0.0.1 255.255.255.255 trust > > # IPv6-style local connections: > > host all all ::1 > > ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust > > Yea, that's about it. My guess is that nothing is coming in via IPv4 on > your machine so 127.0.0.1 does nothing. Perhaps netstat will show the > IP address family used. > > -- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 359-1001 > + If your life is a hard drive, | 13 Roberts Road > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Seum-Lim Gan wrote: > Hi Bruce, > > I wonder if there is any recommendation to this ? > Is there a way to configure PostgreSQL to not use > IPv6 ? One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and recompile and see if it works. That will disable the postmaster from listening on IPv6. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Hi Bruce, Thanks for the recommendation. I will edit the pg_config.h file and comment out the HAVE_IPV6 #define. It is now defined as 0. Earlier on, I tried to set IPV6 to no or 0 in configure.ih and then configure and rebuild but that did not work. Will let you know if commenting out the HAVE_IPV6 will work. Thanks. Gan At 11:28 am -0500 2003/12/6, Bruce Momjian wrote: >Seum-Lim Gan wrote: >> Hi Bruce, >> >> I wonder if there is any recommendation to this ? >> Is there a way to configure PostgreSQL to not use >> IPv6 ? > >One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and >recompile and see if it works. That will disable the postmaster from >listening on IPv6. > >-- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 359-1001 > + If your life is a hard drive, | 13 Roberts Road > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 > >---------------------------(end of broadcast)--------------------------- >TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to majordomo@postgresql.org so that your > message can get through to the mailing list cleanly -- +--------------------------------------------------------+ | Seum-Lim GAN email : slgan@lucent.com | | Lucent Technologies | | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | | Naperville, IL 60566, USA. fax : (630)-713-7272 | | web : http://inuweb.ih.lucent.com/~slgan | +--------------------------------------------------------+
Hi Bruce,
I am rebuilding now and noticed some error that I may have missed
since the last time I build 7.4.
Essentially the postmaster, bin, lib have been built and server is able to
start and I am able to create a new DB and etc.
Will let you know if the commenting out the HAVE_IPV6 will work.
Meanwhile, the following probably needs to be looked at.
Some background: src/template/solaris has been changed to use -mt instead
of -pthread. Built with Sun Workshop in Solaris 9.
"pl_funcs.c", line 403: warning: argument #1 is incompatible with prototype:
prototype: pointer to const unsigned char :
"../../../../src/include/mb/
pg_wchar.h", line 291
argument : pointer to char
UX tsort: INFORM: cycle in data
pl_comp.o
pl_gram.o
"plperl.c", line 317: undefined symbol: thr
"plperl.c", line 317: left operand of "->" must be pointer to struct/union
"plperl.c", line 323: left operand of "->" must be pointer to struct/union
"plperl.c", line 323: left operand of "->" must be pointer to struct/union
"plperl.c", line 323: left operand of "->" must be pointer to struct/union
"plperl.c", line 323: left operand of "->" must be pointer to struct/union
"plperl.c", line 437: undefined symbol: thr
"plperl.c", line 437: left operand of "->" must be pointer to struct/union
"plperl.c", line 443: left operand of "->" must be pointer to struct/union
"plperl.c", line 443: left operand of "->" must be pointer to struct/union
"plperl.c", line 443: left operand of "->" must be pointer to struct/union
"plperl.c", line 443: left operand of "->" must be pointer to struct/union
cc: acomp failed for plperl.c
make[3]: *** [plperl.o] Error 2
make[2]: *** [all] Error 2
make[1]: *** [all] Error 2
>Yes, you have to comment it out like the other items in the file.
>
>---------------------------------------------------------------------------
>
>Seum-Lim Gan wrote:
>> Hi Bruce,
>>
>> Thanks for the recommendation.
>>
>> I will edit the pg_config.h file and comment out the
>> HAVE_IPV6 #define.
>> It is now defined as 0.
>>
>> Earlier on, I tried to set IPV6 to no or 0 in configure.ih
>> and then configure and rebuild but that did not work.
>>
>> Will let you know if commenting out the HAVE_IPV6 will work.
>>
>> Thanks.
>>
>> Gan
>>
>> At 11:28 am -0500 2003/12/6, Bruce Momjian wrote:
>> >Seum-Lim Gan wrote:
>> >> Hi Bruce,
>> >>
>> >> I wonder if there is any recommendation to this ?
>> >> Is there a way to configure PostgreSQL to not use
>> >> IPv6 ?
>> >
>> >One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and
>> >recompile and see if it works. That will disable the postmaster from
>> >listening on IPv6.
>> >
>> >--
>> > Bruce Momjian | http://candle.pha.pa.us
>> > pgman@candle.pha.pa.us | (610) 359-1001
>> > + If your life is a hard drive, | 13 Roberts Road
>> > + Christ can be your backup. | Newtown Square,
>>Pennsylvania 19073
>> >
>> >---------------------------(end of broadcast)---------------------------
>> >TIP 3: if posting/reading through Usenet, please send an appropriate
>> > subscribe-nomail command to majordomo@postgresql.org so that your
>> > message can get through to the mailing list cleanly
>>
>>
>> --
>> +--------------------------------------------------------+
>> | Seum-Lim GAN email : slgan@lucent.com |
>> | Lucent Technologies |
>> | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
>> | Naperville, IL 60566, USA. fax : (630)-713-7272 |
>> | web : http://inuweb.ih.lucent.com/~slgan |
>> +--------------------------------------------------------+
>>
>> ---------------------------(end of broadcast)---------------------------
>> TIP 8: explain analyze is your friend
>>
>
>--
> Bruce Momjian | http://candle.pha.pa.us
> pgman@candle.pha.pa.us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square, Pennsylvania 19073
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
Hi Bruce, I tried to newly compiled 7.4 with HAVE_IPV6 commented out in /src/include/pg_config.h. After that I tried psql: psql -U scncraft -h localhost psql: FATAL: no pg_hba.conf entry for host "::1", user "scncraft", database "A" This happens the same way whether I have this line in pg_hba.conf or not: # IPv6-style local connections: host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff: ffff:ffff ident pspmap Thanks. Gan At 8:48 am -0600 2003/12/7, Seum-Lim Gan wrote: >Hi Bruce, > >I am rebuilding now and noticed some error that I may have missed >since the last time I build 7.4. >Essentially the postmaster, bin, lib have been built and server is able to >start and I am able to create a new DB and etc. >Will let you know if the commenting out the HAVE_IPV6 will work. > >Meanwhile, the following probably needs to be looked at. >Some background: src/template/solaris has been changed to use -mt instead >of -pthread. Built with Sun Workshop in Solaris 9. > >"pl_funcs.c", line 403: warning: argument #1 is incompatible with prototype: > prototype: pointer to const unsigned char : >"../../../../src/include/mb/ >pg_wchar.h", line 291 > argument : pointer to char >UX tsort: INFORM: cycle in data > pl_comp.o > pl_gram.o >"plperl.c", line 317: undefined symbol: thr >"plperl.c", line 317: left operand of "->" must be pointer to struct/union >"plperl.c", line 323: left operand of "->" must be pointer to struct/union >"plperl.c", line 323: left operand of "->" must be pointer to struct/union >"plperl.c", line 323: left operand of "->" must be pointer to struct/union >"plperl.c", line 323: left operand of "->" must be pointer to struct/union >"plperl.c", line 437: undefined symbol: thr >"plperl.c", line 437: left operand of "->" must be pointer to struct/union >"plperl.c", line 443: left operand of "->" must be pointer to struct/union >"plperl.c", line 443: left operand of "->" must be pointer to struct/union >"plperl.c", line 443: left operand of "->" must be pointer to struct/union >"plperl.c", line 443: left operand of "->" must be pointer to struct/union >cc: acomp failed for plperl.c >make[3]: *** [plperl.o] Error 2 >make[2]: *** [all] Error 2 >make[1]: *** [all] Error 2 > > >>Yes, you have to comment it out like the other items in the file. >> >>--------------------------------------------------------------------------- >> >>Seum-Lim Gan wrote: >>> Hi Bruce, >>> >>> Thanks for the recommendation. >>> >>> I will edit the pg_config.h file and comment out the >>> HAVE_IPV6 #define. >>> It is now defined as 0. >>> >>> Earlier on, I tried to set IPV6 to no or 0 in configure.ih >>> and then configure and rebuild but that did not work. >>> >>> Will let you know if commenting out the HAVE_IPV6 will work. >>> >>> Thanks. >>> >>> Gan >>> >>> At 11:28 am -0500 2003/12/6, Bruce Momjian wrote: >>> >Seum-Lim Gan wrote: >>> >> Hi Bruce, >>> >> >>> >> I wonder if there is any recommendation to this ? >>> >> Is there a way to configure PostgreSQL to not use >>> >> IPv6 ? >>> > >>> >One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and >>> >recompile and see if it works. That will disable the postmaster from >>> >listening on IPv6. >>> > >>> >-- >>> > Bruce Momjian | http://candle.pha.pa.us >>> > pgman@candle.pha.pa.us | (610) 359-1001 >>> > + If your life is a hard drive, | 13 Roberts Road >>> > + Christ can be your backup. | Newtown Square, >>>Pennsylvania 19073 >>> > >>> >---------------------------(end of broadcast)--------------------------- >>> >TIP 3: if posting/reading through Usenet, please send an appropriate >>> > subscribe-nomail command to majordomo@postgresql.org so that your >>> > message can get through to the mailing list cleanly >>> >>> >>> -- >>> +--------------------------------------------------------+ >>> | Seum-Lim GAN email : slgan@lucent.com | >>> | Lucent Technologies | >>> | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | >>> | Naperville, IL 60566, USA. fax : (630)-713-7272 | >>> | web : http://inuweb.ih.lucent.com/~slgan | >>> +--------------------------------------------------------+ >>> >>> ---------------------------(end of broadcast)--------------------------- >>> TIP 8: explain analyze is your friend >>> >> >>-- >> Bruce Momjian | http://candle.pha.pa.us >> pgman@candle.pha.pa.us | (610) 359-1001 >> + If your life is a hard drive, | 13 Roberts Road >> + Christ can be your backup. | Newtown Square, Pennsylvania 19073 > > >-- >+--------------------------------------------------------+ >| Seum-Lim GAN email : slgan@lucent.com | >| Lucent Technologies | >| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | >| Naperville, IL 60566, USA. fax : (630)-713-7272 | >| web : http://inuweb.ih.lucent.com/~slgan | >+--------------------------------------------------------+ > >---------------------------(end of broadcast)--------------------------- >TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/docs/faqs/FAQ.html -- +--------------------------------------------------------+ | Seum-Lim GAN email : slgan@lucent.com | | Lucent Technologies | | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | | Naperville, IL 60566, USA. fax : (630)-713-7272 | | web : http://inuweb.ih.lucent.com/~slgan | +--------------------------------------------------------+
Hello, Also solaris has an option to not use IPV6 at least with Solaris 9. When we installed it it asked us if we wanted IPV6 support. We just said no. Sincerely, Joshua D. Drake Seum-Lim Gan wrote: > Hi Bruce, > > Thanks for the recommendation. > > I will edit the pg_config.h file and comment out the > HAVE_IPV6 #define. > It is now defined as 0. > > Earlier on, I tried to set IPV6 to no or 0 in configure.ih > and then configure and rebuild but that did not work. > > Will let you know if commenting out the HAVE_IPV6 will work. > > Thanks. > > Gan > > At 11:28 am -0500 2003/12/6, Bruce Momjian wrote: > >> Seum-Lim Gan wrote: >> >>> Hi Bruce, >>> >>> I wonder if there is any recommendation to this ? >>> Is there a way to configure PostgreSQL to not use >>> IPv6 ? >> >> >> One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and >> recompile and see if it works. That will disable the postmaster from >> listening on IPv6. >> >> -- >> Bruce Momjian | http://candle.pha.pa.us >> pgman@candle.pha.pa.us | (610) 359-1001 >> + If your life is a hard drive, | 13 Roberts Road >> + Christ can be your backup. | Newtown Square, >> Pennsylvania 19073 >> >> ---------------------------(end of broadcast)--------------------------- >> TIP 3: if posting/reading through Usenet, please send an appropriate >> subscribe-nomail command to majordomo@postgresql.org so that your >> message can get through to the mailing list cleanly > > > -- Command Prompt, Inc., home of Mammoth PostgreSQL - S/ODBC - S/JDBC Postgresql support, programming, shared hosting and dedicated hosting. +1-503-222-2783 - jd@commandprompt.com - http://www.commandprompt.com
Yes, I am not suspecting that there is something strange with that Solaris installation. Maybe everything is IPv6. We certainly have lots of Solaris users. Are all Solaris connections coming in as IPv6? That seems impossible because we didn't support IPv6 in PostgreSQL 7.3 and it worked fine. Now, I can see Solaris favoring IPv6 if we listen on IPv4 and IPv6, but if you compiled with IPv6 disabled, we don't listen on that port and I can't see how the connection could be coming in on IPv6. I think you need to dig into Solaris to see what netstat shows and how your localhost is mapped on your machine. --------------------------------------------------------------------------- Joshua D. Drake wrote: > Hello, > > Also solaris has an option to not use IPV6 at least with Solaris 9. > When we installed > it it asked us if we wanted IPV6 support. We just said no. > > Sincerely, > > Joshua D. Drake > > > Seum-Lim Gan wrote: > > > Hi Bruce, > > > > Thanks for the recommendation. > > > > I will edit the pg_config.h file and comment out the > > HAVE_IPV6 #define. > > It is now defined as 0. > > > > Earlier on, I tried to set IPV6 to no or 0 in configure.ih > > and then configure and rebuild but that did not work. > > > > Will let you know if commenting out the HAVE_IPV6 will work. > > > > Thanks. > > > > Gan > > > > At 11:28 am -0500 2003/12/6, Bruce Momjian wrote: > > > >> Seum-Lim Gan wrote: > >> > >>> Hi Bruce, > >>> > >>> I wonder if there is any recommendation to this ? > >>> Is there a way to configure PostgreSQL to not use > >>> IPv6 ? > >> > >> > >> One idea is to edit include/pg_config.h and comment out HAVE_IPV6 and > >> recompile and see if it works. That will disable the postmaster from > >> listening on IPv6. > >> > >> -- > >> Bruce Momjian | http://candle.pha.pa.us > >> pgman@candle.pha.pa.us | (610) 359-1001 > >> + If your life is a hard drive, | 13 Roberts Road > >> + Christ can be your backup. | Newtown Square, > >> Pennsylvania 19073 > >> > >> ---------------------------(end of broadcast)--------------------------- > >> TIP 3: if posting/reading through Usenet, please send an appropriate > >> subscribe-nomail command to majordomo@postgresql.org so that your > >> message can get through to the mailing list cleanly > > > > > > > > -- > Command Prompt, Inc., home of Mammoth PostgreSQL - S/ODBC - S/JDBC > Postgresql support, programming, shared hosting and dedicated hosting. > +1-503-222-2783 - jd@commandprompt.com - http://www.commandprompt.com > > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Seum-Lim Gan wrote:
> Hi Bruce,
>
> I tried to newly compiled 7.4 with HAVE_IPV6 commented out
> in /src/include/pg_config.h.
>
> After that I tried psql:
>
> psql -U scncraft -h localhost
> psql: FATAL: no pg_hba.conf entry for host "::1", user "scncraft",
> database "A"
>
> This happens the same way whether I have this line in pg_hba.conf or not:
> # IPv6-style local connections:
> host all all ::1
> ffff:ffff:ffff:ffff:ffff:ffff:
> ffff:ffff ident pspmap
Forget ident at this point. Let's see if we can get your machine to use
the IPv4 line in pg_hba.conf.
Try this --- compile with IPv6 commented out, as you have done, then
remove the ::1 line from pg_hba.conf, and see if you can connect using
this:
> psql -U scncraft -h 127.0.0.1
and see what happens. Is your 'localhost' mapped to an IPv4 OR IPv6
address? Also, I am sure you realized you can connect without -h just
using unix domain sockets, but that will not allow you to use ident.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
Hi Bruce, I tried psql -U scncraft -h 127.0.0.1 and it works. So, it may seem that my localhost somehow is mapped to use IPV6 ? Last time I added a line in /etc/host thinking it may help: ::1 ip6-localhost ip6-loopback I just took that line off and rebooted the machine but now I cannot get in. Need to get to the console and see why telnetd: could not grant slave pty. Will let you know after I try to get back in. Gan At 4:01 pm -0500 2003/12/7, Bruce Momjian wrote: >Seum-Lim Gan wrote: >> Hi Bruce, >> >> I tried to newly compiled 7.4 with HAVE_IPV6 commented out >> in /src/include/pg_config.h. >> >> After that I tried psql: >> >> psql -U scncraft -h localhost >> psql: FATAL: no pg_hba.conf entry for host "::1", user "scncraft", >> database "A" >> >> This happens the same way whether I have this line in pg_hba.conf or not: >> # IPv6-style local connections: >> host all all ::1 >> ffff:ffff:ffff:ffff:ffff:ffff: >> ffff:ffff ident pspmap > >Forget ident at this point. Let's see if we can get your machine to use >the IPv4 line in pg_hba.conf. > >Try this --- compile with IPv6 commented out, as you have done, then >remove the ::1 line from pg_hba.conf, and see if you can connect using >this: > > > psql -U scncraft -h 127.0.0.1 > >and see what happens. Is your 'localhost' mapped to an IPv4 OR IPv6 >address? Also, I am sure you realized you can connect without -h just >using unix domain sockets, but that will not allow you to use ident. > >-- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 359-1001 > + If your life is a hard drive, | 13 Roberts Road > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 -- +--------------------------------------------------------+ | Seum-Lim GAN email : slgan@lucent.com | | Lucent Technologies | | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | | Naperville, IL 60566, USA. fax : (630)-713-7272 | | web : http://inuweb.ih.lucent.com/~slgan | +--------------------------------------------------------+
Seum-Lim Gan wrote: > Hi Bruce, > > I tried psql -U scncraft -h 127.0.0.1 and it works. > > So, it may seem that my localhost somehow is mapped to > use IPV6 ? Yes, if 127.0.0.1 works but 'localhost' doesn't, that is the cause of your problem with all 'localhost' connections coming in as IPv6. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073