Re: Connect error

On Mon, Jan 12, 2004 at 10:04:53AM -0600, Bruno Wolff III wrote:
> On Mon, Jan 12, 2004 at 07:42:41 -0800,
> Bill Moseley <moseley(at)hank(dot)org> wrote:
> >
> > I don't know php, but is it (or Apache) running as user russell? If
> > not, then you can't authorize by IDENT.
>
> It is possible to authenticate using ident using a map that says the
> webserver account is allowed to use the db account "russell". The web server
> must either be on the same machine uisng domain sockets for connecting
> (which looks to be the case here) or be running an ident server.

I was not able to get this configuration working, so I think I'm not
understanding the documentation correctly. Or maybe I was expecting
that "sameuser" would work:

moseley(at)bumby:~$ createdb newdb
CREATE DATABASE

moseley(at)bumby:~$ psql newdb
Welcome to psql 7.4.1, the PostgreSQL interactive terminal.

Type: \copyright for distribution terms
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit

newdb=> \q

moseley(at)bumby:~$ su
Password:

bumby:/home/moseley# fgrep moseley /etc/postgresql/pg_ident.conf
sameuser www-data moseley

bumby:/home/moseley# /etc/init.d/postgresql restart
Stopping PostgreSQL database server: postmaster.
Starting PostgreSQL database server: postmaster.

bumby:/home/moseley# su www-data

bumby:/home/moseley$ psql newdb
psql: FATAL: user "www-data" does not exist

bumby:/home/moseley$ psql -Umoseley newdb
psql: FATAL: IDENT authentication failed for user "moseley"

I even tried using my own map name instead of "sameuser".

bumby:/etc/postgresql# fgrep testmap pg_hba.conf pg_ident.conf
pg_hba.conf:host all all 127.0.0.1 255.255.255.255 ident testmap
pg_ident.conf:testmap moseley www-data

So I think I'm missing an important concept.

--
Bill Moseley
moseley(at)hank(dot)org