Re: HOWTO? Permissions for user to access a single db

Damian Carey <jamianb(at)gmail(dot)com> writes:
> Still on a "permissions" theme ... is their any glaring issues that are
> required to provide a random linux user with permissions to access a DB?

Well ... if they can "see" the postgres DB then there should be no such
issues, as they evidently managed to establish a database connection.
However, if we assume that that unnamed connector module is lying through
its teeth and presenting this dialog when it can't connect at all, then
there's a lot more possibilities to consider.

Just stopping to think a minute --- it's unlikely that a lashup such
as you describe would be trying to use a Unix socket file, as local
connections with psql probably do. Instead, I imagine that the connector
is trying to connect over a TCP connection being tunneled through the
SSH connection. Obvious things to check then include:

* Is SSH actually being told to provide this tunnel?

* Is the kernel firewall on the Linux machine allowing tunneled packets
to reach the database?

* Is Postgres listening on whichever address/port the tunneled packets
are addressed to? (This is trickier than it looks, as you have at least
localhost vs. external IP address to consider, not to mention IPv4 vs
IPv6)

* Is pg_hba.conf set up to allow the connection?

Only if the problem is at that last step will log_connections help much;
otherwise, no data is reaching Postgres at all.

regards, tom lane