In particular, something quite a bit more verbose than the offical docs
on www.postgresql.org/docs (which are good, but not quite detailed
enough for me to unravel which entry in one particular pg_hba.conf is
taking precedence, and how to add several new entries that won't break
anything else). Every experiment I've tried has *almost* worked in the
manner I'm understanding from every bit of documentation I've found, but
something always breaks. :(
Failing that, a diagnostic poke to the head to tell me where in this
config I should put entries that refer to both local socket connections
and remote TCP/IP connections for one specific database that I want MD5
(or crypt, for the old 6.x client :/ ) authentication on:
=========
# From Debian Sarge stock install
local all postgres ident sameuser
local all all ident sameuser
# Added for local software using PG
local template1 all ident
local sameuser all md5
local all root trust
# More entries from stock Debian package
host all all 127.0.0.1 255.255.255.255 ident sameuser
host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
ident sameuser
host all all ::ffff:127.0.0.1/128 ident sameuser
# another local config - the real entry contains a real IP
host all all [host IP] 255.255.255.255 trust
# Last stock entry
host all all 0.0.0.0 0.0.0.0 reject
=========
(Comments trimmed out, whitespace mostly compacted; linewraps are not
present in the real file - but my new entries don't function as expected
when I put them where I *think* they should go.)
-kgd
