|
On 5/9/2016 1:18 PM, D'Arcy J.M. Cain
wrote:
Basically I think that pg_hba.conf is missing a feature. We can specify the database, the user and the address but we can't specify the authenticated user. When it sees this; provided user name (x) and authenticated user name (nobody) do not match I would like it to connect with user x but drop to password authentication. 'ident' is only secure over local 'domain' sockets, not over tcp/ip. that said, you can use an ident user map to do what you want, this would say '"nobody" can log on as A, B, or C'
-- john r pierce, recycling bits in santa cruz |
