----- "Daniel Verite" <daniel@xxxxxxxxxxxxxxxx> wrote: > Tim Uckun wrote: > > > > I am very confused about something though. Not one person here has > > said anything about how pg_ident works or what I did wrong. Is > > pg_ident deprecated? Is there no way to accomplish this with > pg_ident? > > I just tried with 8.4.1. Started with the default configuration, > created > data/pg_ident.conf with: > pg_map root postgres > pg_map postgres postgres > > Replaced in pg_hba.conf: > < local all all trust > by > > local all all ident > map=pg_map > > Restarted the server, and then: > $ su - > # /usr/local/pg84/bin/psql -U postgres > psql (8.4.1) > Type "help" for help. > > postgres=# > > ... it appears to works. > > Now if I remove that line in data/pg_ident.conf: > pg_map root postgres > and reload the server and retry, I get the expected rejection: > psql: FATAL: Ident authentication failed for user "postgres" > and in the server logs: > LOG: no match in usermap for user "postgres" authenticated as "root" > CONTEXT: usermap "pg_map" > FATAL: Ident authentication failed for user "postgres" > > That's on ubuntu 9.04, with postgres compiled from source. Which is why I think this is an out of order problem. The Ruby script is trying to connect before the proper information is in pg_ident.conf and/or pg_hba.conf. > > > Why has everybody suggested either I don't do what I want/need to > do > > or that I should do it via the su mechanism? > > On unix systems, it's a standard recommendation not to run anything as > root > when it's possible to do otherwise, so we just apply this to psql I > guess. > > Best regards, > -- > Daniel > PostgreSQL-powered mail user agent and storage: > http://www.manitou-mail.org Adrian Klaver aklaver@xxxxxxxxxxx -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
