After seeing the article in Linuxjournal about sql-ledger I wanted to try it out. The article referred to the installation as a "breeze". That was not my experience. I found the documentation confusing to say the least.
The README.Debian says: "The easiest way to test this package is to add a postgres-users with the name of www-data. This however will mean that every apache process will be able to authenticate to your DB. To make a more robust security scheme, please read your postgres documentation, but for now, do , as root, a su - postgres createuser -d www-data ... snip ... To finally test this, point your browser at http://localhost/sql-ledger/admin.pl to create the DB and the initial user, and afterwards: http://localhost/sql-ledger/login.pl to log in. " Why would the documentation suggest a scheme that is not secure? Trying to create more secure schemes I had a lot of problems with the standard Debian ident-scheme in postgresql. Reading the FAQ of sql-ledger, I found: " This error has everything to do with the way distros set up access rights for postgres. They are way too restrictive and leave you wondering what to do next. Do yourself a favour and change authentication type in pg_hba.conf to local all trust until you have figured out what all this stuff in pg_hba.conf does. Read about the different authentication settings and change them as you see fit." Now that does not help at all! Other documentation (README.gz) suggests a "safer" scheme: "if you use passwords to access postgres use this command $ createuser -d -P sql-ledger " So I did that as well as 'createdb sql-ledger' and put the following in /etc/pg_hba.conf: # All IPv4 connections from localhost host sql-ledger sql-ledger 127.0.0.1 255.255.255.255 md5 host all all 127.0.0.1 255.255.255.255 ident sameuser After reloading the postgresql-configuration I tried http://localhost/sql-ledger/admin.pl but when I try to create a dataset as sql-ledger I get the following error: FATAL: IDENT authentification failed for user "sql-ledger". Why is postgresql trying to do an IDENT-authentication? Is there an SQL-HOWTO somewhere that can explain in simple terms how to set up sql-ledger in a secure way. Regards Johann -- J.H. Spies - Tel. 021-982 2694 / 082 782 0336 / 021-808 4036(w) Posbus 4668, Tygervallei 7536 "How precious also are thy thoughts unto me, O God! how great is the sum of them! If I should count them, they are more in number than the sand; when I awake, I am still with thee." Psalms 139: 17,18 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
