[Dbconfig-common-devel] Status of "editing pg_hba.conf"
Karsten Hilbert
Karsten.Hilbert at gmx.net
Thu Jan 25 11:59:18 CET 2007
On Thu, Jan 25, 2007 at 10:45:42AM +0100, sean finney wrote:
> *however*, i think at this point it's become more or less a moot issue,
> because (iirc) the default postgres configuration allows password-based
> authentication for connections on the loopback device, so applications
> requiring passwords should "just work" on the local host
Well, see, that may not be enough, I fear. The situation is
this:
- assuming a default PostgreSQL install
- user wants to install/upgrade GNUmed server package
- apt-get runs as root
- GNUmed installer runs as root
- installer can SU to postgres
- GNUmed installer connects postgres to template1
- why: to create GNUmed database owner "gm-dbo" and
group roles inside PG
- this can be done by su-ing to user postgres
- GNUmed creates PG user gm-dbo and group roles
- no equivalent user exists at the OS level
- should there for authentication ?
- GNUmed connects superuser to GNUmed template db
- why: to verify template database hash
- the template database can anything from
template1 to another (previous) GNUmed
database
- this can be done by su-ing to user postgres
- GNUmed creates new GNUmed database
- owned by PG user gm-dbo
- GNUmed connects superuser to new GNUmed database
- why: to run postgres-only DDL
- this sets up procedural languages and
SECURITY-DEFINER stored procs for adding
users to the database
- this can be done by su-ing to user postgres
- GNUmed connects gm-dbo to new GNUmed database
- why: to run the rest of the GNUmed DDL such
that everything is owned by gm-dbo
- not every PG object can be given explicit
ownership yet (we still support PG 7.4)
- this can be done by requiring md5 access
for gm-dbo even on UNIX domain sockets
!!!!!!!!!!!!
- for that, however, we need to edit pg_hba.conf
- personally, I am fine with popping up an editor
with pg_hba.conf in it and showing instructions
on what to do
!!!!!!!!!!!!
Martin, are you listening on this list ?
> and for remote password-connections,
> there's not much to be done there since it's beyond the scope of our
> abilities to edit files on the remote host.
No question about that.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
More information about the Dbconfig-common-devel
mailing list