| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Thom Brown <thombrown(at)gmail(dot)com> |
| Cc: | "A(dot) Kretschmer" <andreas(dot)kretschmer(at)schollglas(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Too easy to log in as the "postgres" user? |
| Date: | 2009-10-15 13:03:20 |
| Message-ID: | 20091015130320.GD17756@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
* Thom Brown (thombrown(at)gmail(dot)com) wrote:
> Okay, I've just ended up commenting out the host lines and it's
> effective enough as far as logging in is concerned. However, the
> websites which use the database are no longer able to connect. I
> should point out that they are connecting to pgbouncer through a
> specific port number. I haven't been successful in getting the sites
> to connect through a unix socket.
If you want access controls on network-based connections, you'll have to
switch to using one of the other auth methods I mentioned. Probably the
simplest is to use 'md5' and then set passwords for the users who log
into the database.
Unix sockets are only possible if the application (pgbouncer, in your
case) and the database are on the same system. If this is the case, you
may need to set the unix_socket parameter in pgbouncer, and make sure
that you do not have 'host' set in pgbouncer.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Bailey | 2009-10-15 13:24:57 | Re: Too easy to log in as the "postgres" user? |
| Previous Message | Thom Brown | 2009-10-15 12:10:48 | Re: SFPUG: Video from "Statistics and Postgres -- How the Planner Sees Your Data" Now on Vimeo |