IDENT and pg_hda.conf - PostgreSQL Database

Susemail

Is this good advice?

IDENT Authentication failed for user "postgres"

This error has everything to do with the way distros set up access rights for
postgres. They are way too restrictive and leave you wondering what to do
next.

Do yourself a favour and change authentication type in pg_hba.conf to

local all trust

until you have figured out what all this stuff in pg_hba.conf does. Read about
the different authentication settings and change them as you see fit. It is
all described in detail in pg_hba.conf

In any case I don't have a pg_hba.conf file:

:~> locate pg_hba.conf
/usr/share/postgresql/pg_hba.conf.sam ple
:~>

Should I have one? If I should, where does it belong?
Thanks,
Jerome
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 22 '05 #1

Subscribe Reply

4550

Paul Thomas

On 30/01/2004 09:39 Susemail wrote:

[snip]
In any case I don't have a pg_hba.conf file:
You should have, unless you haven't done an initdb...

:~> locate pg_hba.conf
/usr/share/postgresql/pg_hba.conf.sam ple
:~>

Should I have one? If I should, where does it belong?

It's in PostgreSQL's data dir. Obviously this may differ from distro to
distro. Probably what is happening is that you running locate as regular
user which won't have read access to that directoty (it's owned by user
postgres).

--
Paul Thomas
+------------------------------+---------------------------------------------+
| Thomas Micro Systems Limited | Software Solutions for the Smaller
Business |
| Computer Consultants |
http://www.thomas-micro-systems-ltd.co.uk |
+------------------------------+---------------------------------------------+

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postg resql.org so that your
message can get through to the mailing list cleanly

Nov 22 '05 #2

Bruno Wolff III

On Thu, Jan 29, 2004 at 23:39:23 -1000,
Susemail <su******@hawai i.rr.com> wrote:

Is this good advice?

IDENT Authentication failed for user "postgres"

This error has everything to do with the way distros set up access rights for
postgres. They are way too restrictive and leave you wondering what to do
next.

Do yourself a favour and change authentication type in pg_hba.conf to

local all trust

until you have figured out what all this stuff in pg_hba.conf does. Read about
the different authentication settings and change them as you see fit. It is
all described in detail in pg_hba.conf

If only trusted users have access to the server, this is a reasonable way
to start off while learning things. Generally using ident for local access
is the way to go unless you are using OS where it doesn't work.

---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend

Nov 22 '05 #3

Jerome Lyles

On Friday 30 January 2004 01:37 am, Paul Thomas wrote:

On 30/01/2004 09:39 Susemail wrote:
[snip]
In any case I don't have a pg_hba.conf file:

You should have, unless you haven't done an initdb...

True, I hadn't done an initdb:

postgres@linux:/home/adriel> /usr/bin/initdb -D /usr/local/pgsql/data
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale en_US.

fixing permissions on existing directory /usr/local/pgsql/data... ok
creating directory /usr/local/pgsql/data/base... ok
creating directory /usr/local/pgsql/data/global... ok
creating directory /usr/local/pgsql/data/pg_xlog... ok
creating directory /usr/local/pgsql/data/pg_clog... ok
selecting default max_connections ... 100
selecting default shared_buffers. .. 1000
creating configuration files... ok
creating template1 database in /usr/local/pgsql/data/base/1... ok
initializing pg_shadow... ok
enabling unlimited row size for system tables... ok
initializing pg_depend... ok
creating system views... ok
loading pg_description. .. ok
creating conversions... ok
setting privileges on built-in objects... ok
creating information schema... ok
vacuuming database template1... ok
copying template1 to template0... ok

Success. You can now start the database server using:

Still not able to authenticate:

postgres@linux:/home/adriel> /usr/bin/postmaster -D /usr/local/pgsql/data
LOG: database system was shut down at 2004-01-30 08:47:05 HST
LOG: checkpoint record is at 0/9B1058
LOG: redo record is at 0/9B1058; undo record is at 0/0; shutdown TRUE
LOG: next transaction ID: 534; next OID: 17142
LOG: database system is ready
FATAL: IDENT authentication failed for user "adriel"
FATAL: IDENT authentication failed for user "adriel"
FATAL: IDENT authentication failed for user "postgres"
FATAL: IDENT authentication failed for user "postgres"

My pg_hba.conf file configuration: Is it correct?

# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD

local all all trust
# IPv4-style local connections:
#host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
#host all all ::1
ffff:ffff:ffff: ffff:ffff:ffff: ffff:ffff trust
#local all all ident
sameuser

This is my user list:

:~> psql -l
List of databases
Name | Owner | Encoding
-----------+----------+-----------
mydb | postgres | SQL_ASCII
mydb1 | adriel | SQL_ASCII
mydb2 | postgres | SQL_ASCII
template0 | postgres | SQL_ASCII
template1 | postgres | SQL_ASCII
test | postgres | SQL_ASCII
(6 rows)
So...what am I still doing wrong?
Thanks,
Jerome

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 22 '05 #4

Jerome Lyles

On Friday 30 January 2004 10:23 am, Jerome Lyles wrote:

On Friday 30 January 2004 01:37 am, Paul Thomas wrote:
On 30/01/2004 09:39 Susemail wrote:
[snip]
In any case I don't have a pg_hba.conf file:
You should have, unless you haven't done an initdb...

True, I hadn't done an initdb:

Still not able to authenticate:

FATAL: IDENT authentication failed for user "adriel"
FATAL: IDENT authentication failed for user "postgres"

The problem turned out to be two copies of pg_hba. One in
"/usr/local/pgsql/data/pg_hba.conf" the other in
"/var/lib/pgsql/data/pg_hba.conf"
"/var/lib/pgsql/data/pg_hba.conf" is in the Root Directory of postgres on my
system so that's the one the system was using. I thought the system was
using the other one: "/usr/local/pgsql/data/pg_hba.conf", the only one I knew
about.
Thank you for helping me figure it out,
Jerome
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 22 '05 #5

Jerome Lyles

On Friday 30 January 2004 02:11 pm, Paul Thomas wrote:

On 30/01/2004 20:23 Jerome Lyles wrote:
On Friday 30 January 2004 01:37 am, Paul Thomas wrote:
On 30/01/2004 09:39 Susemail wrote:
> [snip]
> In any case I don't have a pg_hba.conf file:

You should have, unless you haven't done an initdb...

True, I hadn't done an initdb: So...what am I still doing wrong?
Thanks,
Jerome

You've got me really confused here. If you hadn't done an initdb and
couldn't connect to the postmaster how come you managed to create several
databases?

I did solve the problem, turns out there were two copies of pg_hba.conf.
As to how this was possible I don't know. If I did it earlier whatever I did
left "/usr/local/pgsql/data/" empty.
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 22 '05 #6

Similar topics

2652

simple remote user access question - pg_hda.conf

by: tj | last post by:

I can't seem to get the file configured correctly. This works: montgomery@spudbox1: psql mydb This does NOT work: montgomery@spudbox1:> psql -h 10.10.10.70 mydb psql: FATAL 1: No pg_hba.conf entry for host 10.10.10.70, user montgomery, database mydb

PostgreSQL Database

1971

ident authentication problem

by: Shanta McBain | last post by:

Hi I am running Mandrake 10 and would like to get sql-ledger to access the database. I can get in to the database with a local user at the command prompt and Web Admin. sql-ledger returns ident authentication problem.

PostgreSQL Database

8309

pg_hba.conf changes without restarting postmaster

by: Si Chen | last post by:

Hello. It seems that every time I make a change to pg_hba.conf, I have to restart the database server for the new authentication to take effect. Is there a way to have the server use the new pg_hba.conf authentication without restarting the production server. Thanks, Si

PostgreSQL Database

4194

Auto-Ident any Wrapping Lines

by: giardina | last post by:

In poetry, it's commonly accepted that if a line wraps, that line should be idented. For example, if we had a line: "The quick brown fox jumps over the lazy dog" but didn't have enough 'width' for that many characters, the appropriate way to write the text on two lines is: The quick brown fox jumps over

HTML / CSS

1797

"Modular site" mod writers name vars or use ident supplied by app

by: Tyno Gendo | last post by:

I'm writing a test "modular site". So far I have created an App class, a Module Manager class and a couple of test modules. The Manager looks in a directory called 'modules' and then for every ..php file is try to create a class of type <filenameminus the .php, so eg. for testmodule.php it tries to create a class "testmodule" and puts it into an array within the module manager called $_modules Module Manager has a dispatch_message...

PHP

1509

Conf file retrive the particular campaign

by: dsudhakara | last post by:

In my queues.conf file my text message are stored here .I want to retrieve particular campaign modify some words in particular campaign and return to save the same queues.conf file .Plz give me coding. example queues.conf ---------------------------------------------------------------- eventwhencalled = yes strategy = leastrecent timeout = 10 wrapuptime = 1

PHP

855

Ident authentication over local sockets

by: thegeek5 | last post by:

I have installed postgres on a unix server (Solaris 8) and trying to configure the system so that one login to the operating system can be used for multiple logins to postgres. I would also like to use md5 encyption for this if possible have tried editing the pg_hba.conf file to use an indent, and have added the indent to the pg_indent.conf file. I feel I must be doing some this wrong as I can’t get it to work. Please help....!!!!! Hereis my...

Microsoft SQL Server

2008

unified command line args, environment variables, .conf filesettings.

by: smitty1e | last post by:

Just a fun exercise to unify some of the major input methods for a script into a single dictionary. Here is the output, given a gr.conf file in the same directory with the contents stated below: smitty@localhost ~/proj/mddl4/test $ ./inputs.py {'source_db': '/home/sweet/home.db'} smitty@localhost ~/proj/mddl4/test $ source_db="test_env" ./inputs.py {'source_db': 'test_env'} smitty@localhost ~/proj/mddl4/test $ ./inputs.py -f "test_cli"

Python

5727

Using dll and .conf files in java web application

by: gjain123 | last post by:

Hi all, I am using netbeans as IDE and glassfish as app server for my web application. At runtime it needs some dll files and .conf file. Now the question is: 1. How should I package the .conf file into my web application war file. The scenario is that one .conf file makes use of another. e.g. if one file is a.conf and another is b.conf then the path of b.con is specified in a.conf as absolute path. How I have to change this path in case I...

Java

10363

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

10164

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

10110

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

9961

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

7512

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6745

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5397

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

5534

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

2894

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General