Thread: Major newbie - Part deux

Major newbie - Part deux

From
"David J. Lines"
Date:
Hi,

Thank you to Oliver for that help with my password questions.  I have a
couple more questions:

1.  Can I have entries in pg_hba.conf for specific databases and then end
with an entry for all so that I can protect certain databases one way and
all the rest another way?  For example:

local   xyz_db                                 password
host    xyz_db   127.0.0.1   255.255.255.255   password
local   all                                    trust
host    all      127.0.0.1   255.255.255.255   trust

In theory I want to protect xyz_db with passwords, but all other databases
I will trust anyone who is local or is on a TCP/IP host.

2.  What happens if I have an entry for a specific TCP/IP address will it
take that over the general address?

host    all      127.0.0.1      255.255.255.255   trust
host    all      192.168.90.0   255.255.255.255   password

Will this require a password from anyone on the 192.168.90.0 addresses, but
all other TCP/IP addresses will be trusted?

3.  What is the difference in the following two lines?

host     all     192.168.34.0     255.255.255.255    password
host     all     192.168.34.0     255.255.255.0      password

(and please don't say that there is a 0 in one entry and a 255 in the other
:))

TIA,


David



Hello List

From
Jochen Kaechelin
Date:
Hello List - I'am new here.

At the beginning I'am looking for an easy tutorial
-german language prefered- where I can read about migrating from
MySQL to PostgreSQL.

Can anybody give me some links?

Thanks.


--
Jochen Kaechelin

Re: Major newbie - Part deux

From
"Josh Berkus"
Date:
David,

> 1.  Can I have entries in pg_hba.conf for specific databases and then
>  end
> with an entry for all so that I can protect certain databases one way
>  and
> all the rest another way?  For example:

According to the docs, yes.  I haven't tried it, though.

> 2.  What happens if I have an entry for a specific TCP/IP address
>  will it
> take that over the general address?

No.

> 3.  What is the difference in the following two lines?
>
> host     all     192.168.34.0     255.255.255.255    password
> host     all     192.168.34.0     255.255.255.0      password

"One of these things is not like the others ...."

This is basic TCP/IP networking know-how.  The Netmask (255.255.255.0)
 defines the range of addresses covered.
Line 1 covers only the single address 192.168.34.0
Line 2 covers 192.168.34.0 to 192.168.34.255

Got it?

-Josh

P.S. As of 7.2, you may have to re-start the database server to make
 your pg_hba.conf changes take effect.