Hi. I am using Postgres 9.1 on Ubuntu 11.10 64bit. I have a question about client authentication.
After installing the server, and setting the postgres password to encrypted 'postgres', I made sure I can log in like that. Then, I edited the /etc/postgres/9.1/main/pg_hba.conf file to contain just this single like:
local all all md5
According to these sources:
http://www.postgresql.org/docs/9.1/static/auth-pg-hba-conf.html
this means (at least that's how I understand it):
1. local - it allows only connections using unix domain sockets
2. first all - access to all databases
3. second all - for every user
4. md5 - requires providing a password for a login
But now, I am trying to connect as a normal user:
psql -d postgres -U postgres
and it connects without ever asking for a password! (The password works fine when I force it with -W, so this part is ok.)
If I add a line for TCP/IP connections (with 'host' at the beginning) it does ask for the password, so it looks like the behavior I am experiencing has something to do with domain socket, but I am not sure.
The user that I installed Postgres with and tried logging in was the same, and it was in the admin group, so it had the sudoer privilage. I thought it had something to do with that, so I created another user, who wasn't a sudoer - and I had to give the password. But then, when I added the admin group to the user (which adds it to sudoers on my machine), I still had to specify the password (and sudo works fine), which would imply that it was a dead end.
The thing makes me a little nervous, because I apparently can't configure my server correctly, there is something that I don't understand here ;d I would like to ask you about what is this strange behavior caused by.
wujek