From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | David Fetter <david(at)fetter(dot)org> |
Cc: | pgsql-bugs(at)postgresql(dot)org |
Subject: | Re: BUG #6687: initdb -A ident can almost never be correct |
Date: | 2012-06-11 16:04:22 |
Message-ID: | CABUevEybKDBRj7JT0KVcombe5V9GY-F9Ab5bWy4QeyaEb+aAOw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
On Mon, Jun 11, 2012 at 6:01 PM, David Fetter <david(at)fetter(dot)org> wrote:
> On Mon, Jun 11, 2012 at 05:51:06PM +0200, Magnus Hagander wrote:
>> On Mon, Jun 11, 2012 at 5:14 PM, <david(at)fetter(dot)org> wrote:
>> > The following bug has been logged on the website:
>> >
>> > Bug reference: 6687
>> > Logged by: David Fetter
>> > Email address: david(at)fetter(dot)org
>> > PostgreSQL version: 9.1.4
>> > Operating system: All
>> > Description:
>> >
>> > When calling initdb -A, it is assumed--wrongly in the case of ident, that
>> > every method is valid for both local and network.
>>
>> Um, what do you mean?
>>
>> If I specify initdb -A, it gives me peer on local and ident on tcp, is
>> that not what you expected?
>>
>> Or maybe I'm misunderstanding the problem completely.. What is
>> happening, and what are you expecting to happen?
>
> We have a design issue, namely that initdb -A blindly applies the auth
> method specified to all default accesses. This is the correct
> behavior for all auth methods except for ident, where it is wrong just
> about everywhere for network (localhost rather than local) access.
Uh, what *would* you expect to happen if you choose "ident"? That
something different than what you choose is done?
I can get the argument for "peer", which could potentially leave the
non-local entries out completely. But I don't see anything wrong with
what "ident" does.
And even in the case of peer, since the default is not to even
*listen* on remote connections, it's not a huge problem...
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
From | Date | Subject | |
---|---|---|---|
Next Message | David Fetter | 2012-06-11 16:14:41 | Re: BUG #6687: initdb -A ident can almost never be correct |
Previous Message | David Fetter | 2012-06-11 16:01:42 | Re: BUG #6687: initdb -A ident can almost never be correct |