| From: | Joe Brenner <doom(at)kzsu(dot)stanford(dot)edu> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | pg_ident.conf not working? |
| Date: | 2010-10-16 20:00:31 |
| Message-ID: | 201010162000.o9GK0VIA082489@kzsu.stanford.edu |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
I've noticed a difference in postgresql 8.3 and 9.0.1 that I suspect
is a bug. pg_ident.conf isn't working the way it used to.
I have a website set-up with apache running as using user
"www-data". As I remember it, I found that it was difficult to
set-up a postgres user name with a hyphen in it, so I fell back
on creating a "www" postgres account, and I used the mapping:
pg_ident.conf:
# MAPNAME SYSTEM-USERNAME PG-USERNAME
apache www-data www
That used to work with postgres 8.3 (running on the same
box as apache, of course), now with postgres 9.0.1 I can't
get things like this to work:
pg_hba.conf
# TYPE DATABASE USER CIDR-ADDRESS METHOD
local my_dbname www ident
The log shows the error message:
LOG: provided user name (www) and authenticated user name (www-data) do not match
FATAL: Ident authentication failed for user "www"
I can "fix" this by changing "ident" to "trust", but I'd
rather restrict access to just the apache user.
(Hm... maybe I need to try "ident map=apache"?)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Brenner | 2010-10-16 20:49:59 | Re: pg_ident.conf not working? |
| Previous Message | Guillaume Lelarge | 2010-10-15 22:24:54 | Re: two questions about pg 9.0 |