Hello List.
I am having an issue with pg_ident on v10.1 that I can’t work out. This
morning after creating a new user account on my postgresql server I
created an entry in the pg_ident.conf file thus:
OSUName Loader PGUserName
In the pg_hba.conf file I added this:
host dbname all 192.168.0.20/32 ident map=OSUName
After making these changes I restarted the service using sudo systemctl
restart postgresql.service (Arch Linux)
Then after modifying my Python code to pass the
os_environ.get(“USERNAME”) name as the user= value in the
psycopg2.connect method, and setting the very basic password= value to
the password I gave when I created the Loader unix account I was denied
access due to no pg_hba entry for OSUName I then re-edited the file to:
host dbname OSUName 192.168.0.20/32 ident
map=OSUName
And after a restart I was allowed to connect and load data using the
Python application. With this working I thought it best to provide a
more secure password so I generated a new one and set it using sudo
passwd Loader. I then changed the password in the Python, and tried to
connect but got a FATAL: Ident authentication failed for user OSUName.
On seeing this I restarted the postgresql service but I got and continue
to get this error, even after dumping the Loader account and starting again.
I can login to the postgresql machine using the accounts I've created,
but regardless of what I do I now can’t get past this FATAL error. I’d
really appreciate your thoughts on what I have done wrong here as it
worked before but now simply refuses to.
I appreciate that it says in the documents that this isn’t really the
best approach but I want (need) a way to allow a remote user (external
to the LAN) to use my application to load data to the postgresql server
without providing the real PGUserName to them or in the Python code.
--
Bill
--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
