So, since I run my CGI under a non-'postgres' user, is that the line that would govern my authentication, and then fail me? Because I thought with 'postgres' listed as the 3rd spot, this line would not apply, and would move on to a different governing rule...
On Wed, Aug 20, 2008 at 4:21 PM, Adrian Klaver <[EMAIL PROTECTED]> wrote: > -------------- Original message ---------------------- > From: "Matthew Pettis" <[EMAIL PROTECTED]> >> would the 'ident sameuser' entry qualify as a 'some non-functional >> authentication method'? > > Yes. Basically you only get one shot at each connection to satisfy the > requirements of a pg_hba line. The lines are read top to bottom, so if you > have restrictive line at the top that your connection cannot satisfy then you > are locked out. As has been mentioned on Linux the default action is to > connect via the local socket in the absence of a host name/ip in the > connection string.So in your case with no host specified the connection would > attempt a socket connection. The first socket line is: > local all postgres ident sameuser > > so you would need to be logged in as the Linux user postgres to make the > connection. > >> >> >> >> On Wed, Aug 20, 2008 at 3:48 PM, Adrian Klaver <[EMAIL PROTECTED]> wrote: >> > >> > -------------- Original message ---------------------- >> > From: [EMAIL PROTECTED] (Adrian Klaver) >> >> -------------- Original message ---------------------- >> >> From: "Matthew Pettis" <[EMAIL PROTECTED]> >> >> > SOLVED. >> >> > >> >> > Yep, Restart was done. >> >> > >> >> > The issue turned out not to be with Postgresql config, but the app >> >> > config. In the app, I define a connection string, which has user, >> >> > password, and databasename. When I had this same configuration on >> >> > WinXP, I did not need to specify a fourth parameter, the host, which >> >> > explicitly told the app to use host=localhost. When I added the host >> >> > param to the connection string, it all went through. >> >> > >> >> > On the bright side, I learned a lot about how to restart the service >> >> > and the config files... >> >> > >> >> > Curious: Any ideas why I can leave the host off my connection string >> >> > in WinXP, but not Linux? It it an idiosyncracy of my app, or of >> >> > PostgreSQL? >> >> > >> >> > Thanks for all the help, >> >> > Matt >> >> > >> >> Is the Linux app running on the Postgres server machine? >> >> If so I hazard a guess that you have a line like: >> >> >> >> local all all trust >> > >> > Should have been: >> > >> > local all all some non-functional >> authentication method >> > >> > this would cause the connection to the socket to fail assuming the >> authentication method selected did not work. >> > >> >> >> >> before your host line in pg_hba. >> >> >> >> The app connecting from the same machine would try the local socket >> >> (local) >> >> before the localhost(tcp/ip), unless localhost was specified in the >> connection >> >> string. >> >> >> >> >> >> >> >> -- >> >> Adrian Klaver >> >> [EMAIL PROTECTED] >> >> >> >> >> >> > > > > -- > Adrian Klaver > [EMAIL PROTECTED] > > -- It is from the wellspring of our despair and the places that we are broken that we come to repair the world. -- Murray Waas -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
