Re: How to confirm the pg_hba.conf service is correctly working

[shing dong <s7eqs7eq@xxxxxxxxx>]

DEAR  TOM

just one PG instance in host

I did an experiment
When I remove pg and reinstall pg,  the function of pg_hba is working ,represent that the location of pg_hba is right


----- remove
yum remove postgresql*

--- install
yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm

yum install postgresql10 postgresql10-server postgresql10-contrib postgresql10-libs postgresql10-dev* -y


-----------
I have Check again the content of pg_hba.conf and  "select * from pg_hba_file_rules"  consistent

Yes, this question is very tricky  

Tom Lane <tgl@xxxxxxxxxxxxx> 於 2021年12月21日 週二 下午10:42寫道：

shing dong <s7eqs7eq@xxxxxxxxx> writes:
> 1. The rules in pg_hba.conf are almost invalid
> 2. pg_hba.conf is only useful for METHOD = trust
> 3. check SHOW hba_file; the file location is correct
> 4. select * from pg_hba_file_rules;  checked  is correct
> 5.DB version :  PostgreSQL 10.19  on x86_64-pc-linux-gnu, compiled by gcc
> (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44), 64-bit
> Even if you delete the text in pg_hba.conf
> Keep only
> host   VJ   VJ_USER   10.10.10.1/32 md5
> After  pg_ctl reload and  Restart DB , any ip, user still can log in to DB

It's hard to say where your mistake is, but probably the first
thing to check is whether you're really restarting the postmaster.
I'm wondering in particular if there's more than one PG instance
on the machine and you're reconfiguring or restarting the wrong
one.  Other than that, retrace your steps carefully, because at
least one of the above statements must be wrong.

(I guess if you were feeling *really* paranoid, you could wonder
whether somebody replaced your postmaster executable with a hacked
version that doesn't apply any pg_hba checks.  But pilot error
seems like a far more probable explanation.)

                        regards, tom lane