Joe Miller <joe(dot)d(dot)miller(at)gmail(dot)com> writes:
> I have a PostgreSQL installation for which I would like to limit local
> domain socket access to the postgres user and members of the "myadmin"
> group. I've modified pg_hba.conf to trust local domain socket connections,
> and changed these settings in postgresql.conf:
> unix_socket_group = 'myadmin'
> unix_socket_permissions = 0770
Looks reasonable.
> When I look at the socket file in /tmp, I see the following:
> srwx------ 1 postgres postgres 0 Nov 13 10:03 .s.PGSQL.5432
Huh, did you restart the server? Are you sure you modified the right
config file? Those settings obviously didn't "take".
regards, tom lane