Good tip! Thank you. -----Original Message----- From: pgsql-general-owner@xxxxxxxxxxxxxx [mailto:pgsql-general-owner@xxxxxxxxxxxxxx] On Behalf Of John R Pierce Sent: Friday, February 22, 2013 2:35 PM To: pgsql-general@xxxxxxxxxxxxxx Subject: Re: confirming security. On 2/22/2013 8:13 AM, Maz Mohammadi wrote: > Ahhh yes....it is now... > > =========== > # TYPE DATABASE USER ADDRESS METHOD > # "local" is for Unix domain socket connections only > #local all all trust > # IPv4 local connections: > #host all all 127.0.0.1/32 trust > # IPv6 local connections: > #host all all ::1/128 trust > # Allow replication connections from localhost, by a user with the # > replication privilege. > #local replication postgres-xc trust > #host replication postgres-xc 127.0.0.1/32 trust > #host replication postgres-xc ::1/128 trust > hostssl all all 127.0.0.1/32 cert I would leave a local line in front of that like.. local all postgres peer this will allow the postgres user to log on regardless when using unix sockets rather than tcp/ip (eg, when not specifying any -h hostname). handy for database administration and fixing problems. -- john r pierce 37N 122W somewhere on the middle of the left coast -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
