Search Postgresql Archives

Re: Fwd: Restarting with pg_ctl, users, and passwords.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



So, since I run my CGI under a non-'postgres' user, is that the line
that would govern my authentication, and then fail me?  Because I
thought with 'postgres' listed as the 3rd spot, this line would not
apply, and would move on to a different governing rule...

On Wed, Aug 20, 2008 at 4:21 PM, Adrian Klaver <aklaver@xxxxxxxxxxx> wrote:
>  -------------- Original message ----------------------
> From: "Matthew Pettis" <matthew.pettis@xxxxxxxxx>
>> would the 'ident sameuser' entry qualify as a 'some non-functional
>> authentication method'?
>
> Yes. Basically you only get one shot at each connection to satisfy the requirements of a pg_hba line. The lines are read top to bottom, so if you have restrictive line at the top that your connection cannot satisfy then you are locked out.  As has been mentioned on Linux the default action is to connect via the local socket in the absence of a host name/ip in the connection string.So in your case with no host specified the connection would attempt a socket connection. The first socket line is:
> local   all         postgres                          ident sameuser
>
> so you would need to be logged in as the Linux user postgres to make the connection.
>
>>
>>
>>
>> On Wed, Aug 20, 2008 at 3:48 PM, Adrian Klaver <aklaver@xxxxxxxxxxx> wrote:
>> >
>> >  -------------- Original message ----------------------
>> > From: aklaver@xxxxxxxxxxx (Adrian Klaver)
>> >> -------------- Original message ----------------------
>> >> From: "Matthew Pettis" <matthew.pettis@xxxxxxxxx>
>> >> > SOLVED.
>> >> >
>> >> > Yep, Restart was done.
>> >> >
>> >> > The issue turned out not to be with Postgresql config, but the app
>> >> > config.  In the app, I define a connection string, which has user,
>> >> > password, and databasename.  When I had this same configuration on
>> >> > WinXP, I did not need to specify a fourth parameter, the host, which
>> >> > explicitly told the app to use host=localhost.  When I added the host
>> >> > param to the connection string, it all went through.
>> >> >
>> >> > On the bright side, I learned a lot about how to restart the service
>> >> > and the config files...
>> >> >
>> >> > Curious: Any ideas why I can leave the host off my connection string
>> >> > in WinXP, but not Linux?  It it an idiosyncracy of my app, or of
>> >> > PostgreSQL?
>> >> >
>> >> > Thanks for all the help,
>> >> > Matt
>> >> >
>> >> Is the Linux app running on the Postgres server machine?
>> >> If so I hazard a guess that you have a line like:
>> >>
>> >> local   all         all                               trust
>> >
>> > Should have been:
>> >
>> > local   all         all                            some non-functional
>> authentication method
>> >
>> > this would cause the connection to the socket to fail assuming the
>> authentication method selected did not work.
>> >
>> >>
>> >> before your host line in pg_hba.
>> >>
>> >> The app connecting from the same machine would try the local socket (local)
>> >> before the localhost(tcp/ip), unless localhost was specified in the
>> connection
>> >> string.
>> >>
>> >>
>> >>
>> >> --
>> >> Adrian Klaver
>> >> aklaver@xxxxxxxxxxx
>> >>
>> >>
>> >>
>
>
>
> --
> Adrian Klaver
> aklaver@xxxxxxxxxxx
>
>



-- 
It is from the wellspring of our despair and the places that we are
broken that we come to repair the world.
-- Murray Waas


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux