Hi
I am running Mandrake 10 and would like to get sql-ledger to access the
database.
I can get in to the database with a local user at the command prompt and Web
Admin.
sql-ledger returns ident authentication problem.
the included faq
has this to say
IDENT Authentication failed for user "postgres"
This error has everything to do with the way distros set up access rights
for postgres. They are way too restrictive and leave you wondering what to do
next.
Do yourself a favour and change authentication type in pg_hba.conf to
local all trust
I can't locate this file.
Any suggestions as to how to get SQL-Ledger online?
--
Thanks
Shanta McBain Http://computersystemconsulting.ca Web hosting and Application Hosting.
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postg resql.org so that your
message can get through to the mailing list cleanly
Nov 23 '05
20  1971 
Karsten Hilbert <Ka************ *@gmx.net> wrote: I am running Mandrake 10 and would like to get sql-ledger to access the
database.
the included faq
has this to say
Do yourself a favour and change authentication type in pg_hba.conf to
local all trust
If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL* DB accounts.
[snip]
How, exactly, is that?
--
Jim Seymour | Spammers sue anti-spammers: js******@LinxNe t.com | http://www.LinxNet.com/misc/spam/slapp.php http://jimsun.LinxNet.com | Please donate to the SpamCon Legal Fund:
| http://www.spamcon.org/legalfund/
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 21 April 2004 04:53 pm, Shanta McBain wrote: On April 21, 2004 13:26, Karsten Hilbert wrote: If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL* DB accounts.
Did not sound like the right thing todo That is why I asked. I am new to
Postgres.
Including any internet user visiting your pages if they
succeed in getting your http server to run some script (if, of
course, sql-ledger is on the exposed machine, which it
shouldn't).
It's not. But I would rather not open it to the world anyway.
I can't locate this file.
It's in a directory off the home dir of the PostgreSQL system
account running the backends.
Do yourself a favour and read up on ident maps for PG
authentication.
Thanks for pointing me to what I needed to read to get it to see the
database. It now accept the authentication but complains of a missing
directory or file.
This I don't know if it is SQL-Ledger problem or in Postgres. I will look
deeper to find out.
Seems like all Mandrake setup for these kinds of services are not smooth.I
have had repeated problems with getting MySQL, Perl DBI, etc working. Once
I have gone through the process though it works well.
It's not really a Mandrake problem. They are pretty close to Redhat. The
problem is, that a lot of the packages, particularly rpm's are made for
redhat and not Mandrake. So often you end up using a redhat rpm because a
mandrake one was nowhere to find and the some tiny bit doesn't fit in.
UC
- --
Open Source Solutions 4U, LLC 2570 Fleetwood Drive
Phone: +1 650 872 2425 San Bruno, CA 94066
Cell: +1 650 302 2405 United States
Fax: +1 650 872 2417
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAhw7ljqG XBvRToM4RAjHVAJ 4m14HTw4xVIN9kI R/zXUk8a7mJqQCgmD 5y
9V68Y4KE5bDxc0Y x1LHEWsU=
=6SM+
-----END PGP SIGNATURE-----
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 21 April 2004 04:53 pm, Shanta McBain wrote: On April 21, 2004 13:26, Karsten Hilbert wrote: If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL* DB accounts.
Did not sound like the right thing todo That is why I asked. I am new to
Postgres.
Including any internet user visiting your pages if they
succeed in getting your http server to run some script (if, of
course, sql-ledger is on the exposed machine, which it
shouldn't).
It's not. But I would rather not open it to the world anyway.
I can't locate this file.
It's in a directory off the home dir of the PostgreSQL system
account running the backends.
Do yourself a favour and read up on ident maps for PG
authentication.
Thanks for pointing me to what I needed to read to get it to see the
database. It now accept the authentication but complains of a missing
directory or file.
This I don't know if it is SQL-Ledger problem or in Postgres. I will look
deeper to find out.
Seems like all Mandrake setup for these kinds of services are not smooth.I
have had repeated problems with getting MySQL, Perl DBI, etc working. Once
I have gone through the process though it works well.
It's not really a Mandrake problem. They are pretty close to Redhat. The
problem is, that a lot of the packages, particularly rpm's are made for
redhat and not Mandrake. So often you end up using a redhat rpm because a
mandrake one was nowhere to find and the some tiny bit doesn't fit in.
UC
- --
Open Source Solutions 4U, LLC 2570 Fleetwood Drive
Phone: +1 650 872 2425 San Bruno, CA 94066
Cell: +1 650 302 2405 United States
Fax: +1 650 872 2417
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAhw7ljqG XBvRToM4RAjHVAJ 4m14HTw4xVIN9kI R/zXUk8a7mJqQCgmD 5y
9V68Y4KE5bDxc0Y x1LHEWsU=
=6SM+
-----END PGP SIGNATURE-----
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
Jim Seymour wrote: Karsten Hilbert <Ka************ *@gmx.net> wrote:If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL * DB accounts.
[snip]
How, exactly, is that?
The magic is in the -U flag for psql:
psql -U pg_superuser any_db
Greg
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
Jim Seymour wrote: Karsten Hilbert <Ka************ *@gmx.net> wrote:If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL * DB accounts.
[snip]
How, exactly, is that?
The magic is in the -U flag for psql:
psql -U pg_superuser any_db
Greg
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
> > > Do yourself a favour and change authentication type in pg_hba.conf to
local all trust
If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL* DB accounts.
How, exactly, is that?
a) it seems SQL ledger wants to store data in PostgreSQL
b) I assume it wants to store *financial* data
c) local/all/trust means *all* *local* users are *trusted*, eg
don't require any authentication, hence system account foo
can access *all* databases (including the SQL-ledger one)
even though foo does not have a corresponding DB account
Assuming, that there aren't any schema level restrictions
(GRANTs) set up which may or may not be the case. Forgot to
mention that point earlier on.
Or am I missing something ?
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
> > > Do yourself a favour and change authentication type in pg_hba.conf to
local all trust
If you follow this sage advice you'll open up your financial
data to anyone happening to have an account on the machine in
question. Anyone. Not just people who also happen to have
*PostgreSQL* DB accounts.
How, exactly, is that?
a) it seems SQL ledger wants to store data in PostgreSQL
b) I assume it wants to store *financial* data
c) local/all/trust means *all* *local* users are *trusted*, eg
don't require any authentication, hence system account foo
can access *all* databases (including the SQL-ledger one)
even though foo does not have a corresponding DB account
Assuming, that there aren't any schema level restrictions
(GRANTs) set up which may or may not be the case. Forgot to
mention that point earlier on.
Or am I missing something ?
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
On Thu, Apr 22, 2004 at 01:58:14PM +0200, Karsten Hilbert wrote: a) it seems SQL ledger wants to store data in PostgreSQL
b) I assume it wants to store *financial* data
c) local/all/trust means *all* *local* users are *trusted*, eg
don't require any authentication, hence system account foo
can access *all* databases (including the SQL-ledger one)
even though foo does not have a corresponding DB account
Assuming, that there aren't any schema level restrictions
(GRANTs) set up which may or may not be the case. Forgot to
mention that point earlier on.
If the data is protected by GRANT/REVOKE, a malicious (or curious) user
can work around them by connecting as the database superuser, so in
practice there's no protection at all.
--
Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
"Acepta los honores y aplausos y perderás tu libertad"
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddres sHere" to ma*******@postg resql.org)
On Thu, Apr 22, 2004 at 01:58:14PM +0200, Karsten Hilbert wrote: a) it seems SQL ledger wants to store data in PostgreSQL
b) I assume it wants to store *financial* data
c) local/all/trust means *all* *local* users are *trusted*, eg
don't require any authentication, hence system account foo
can access *all* databases (including the SQL-ledger one)
even though foo does not have a corresponding DB account
Assuming, that there aren't any schema level restrictions
(GRANTs) set up which may or may not be the case. Forgot to
mention that point earlier on.
If the data is protected by GRANT/REVOKE, a malicious (or curious) user
can work around them by connecting as the database superuser, so in
practice there's no protection at all.
--
Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
"Acepta los honores y aplausos y perderás tu libertad"
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddres sHere" to ma*******@postg resql.org)
On April 22, 2004 04:58, Karsten Hilbert wrote:
How, exactly, is that?
a) it seems SQL ledger wants to store data in PostgreSQL
It is the prefred database but I think you can use others.
b) I assume it wants to store *financial* data
Yes It is an accounting package.
c) local/all/trust means *all* *local* users are *trusted*, eg
don't require any authentication, hence system account foo
can access *all* databases (including the SQL-ledger one)
even though foo does not have a corresponding DB account
Assuming, that there aren't any schema level restrictions
(GRANTs) set up which may or may not be the case. Forgot to
mention that point earlier on.
Or am I missing something ?
I think the SQL-ledger docs were thinking in terms of a stand alone system. My
asking this question has gotten some interesting discoution of authentication
and security. I used the suggestion on mapping the users So postgress would
be able to relate to the SQL ledger user and the allowed postgress user. This
meant that SQL-ledger may access the database without open the database to
attack. Much better solution for sure.
--
Thanks for the help.
Shanta McBain Http://computersystemconsulting.ca Web hosting and Application Hosting.
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postg resql.org so that your
message can get through to the mailing list cleanly This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Michael Foord |
last post by:
#!/usr/bin/python -u
# 15-09-04
# v1.0.0
# auth_example.py
# A simple script manually demonstrating basic authentication.
# Copyright Michael Foord
# Free to use, modify and relicense.
# No warranty express or implied for the accuracy, fitness to purpose
|
by: Ming Zhang |
last post by:
Hi guys,
I have couple of ASP.NET applications that only support digest windows
authentication, and credentials are managed in a central AD. When users
login to one app, they can easily navigate to other apps without reenter
UID/PWD. Everything works except it doesn't meet our security policy for new
created users. When creating a new user, it's required to have "user must
change password when first time login". In this case, the user will...
|
by: Susemail |
last post by:
Is this good advice?
IDENT Authentication failed for user "postgres"
This error has everything to do with the way distros set up access rights for
postgres. They are way too restrictive and leave you wondering what to do
next.
Do yourself a favour and change authentication type in pg_hba.conf to
|
by: Shanta McBain |
last post by:
Hi
I am running Mandrake 10 and would like to get sql-ledger to access the
database.
I can get in to the database with a local user at the command prompt and Web
Admin.
sql-ledger returns ident authentication problem.
|
by: Frank Swarbrick |
last post by:
I am trying to understand "client authentication" works. My environment is
DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4
as the client. We currently have DB2/LUW set up as follows:
Client Userid-Password Plugin (CLNT_PW_PLUGIN) =
Client Kerberos Plugin (CLNT_KRB_PLUGIN) =
Group Plugin (GROUP_PLUGIN) =
GSS Plugin for Local Authorization ...
| | |
by: giardina |
last post by:
In poetry, it's commonly accepted that if a line wraps, that line should be idented.
For example, if we had a line:
"The quick brown fox jumps over the lazy dog"
but didn't have enough 'width' for that many characters, the appropriate way to write the text on two lines is:
The quick brown fox jumps over
|
by: Tyno Gendo |
last post by:
I'm writing a test "modular site". So far I have created an App class,
a Module Manager class and a couple of test modules.
The Manager looks in a directory called 'modules' and then for every
..php file is try to create a class of type <filenameminus the .php, so
eg. for testmodule.php it tries to create a class "testmodule" and puts
it into an array within the module manager called $_modules
Module Manager has a dispatch_message...
|
by: =?Utf-8?B?R3V1czEyMw==?= |
last post by:
Hi,
I created a web site on a remote server. To logon the user must enter a user
id and password. The site is uses Forms Authentication.
The web config file looks as follows:
<configuration>
<system.web>
<customErrors mode="Off"/>
|
by: thegeek5 |
last post by:
I have installed postgres on a unix server (Solaris 8) and trying to configure the system so that one login to the operating system can be used for multiple logins to postgres. I would also like to use md5 encyption for this if possible have tried editing the pg_hba.conf file to use an indent, and have added the indent to the pg_indent.conf file. I feel I must be doing some this wrong as I can’t get it to work. Please help....!!!!!
Hereis my...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
