[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Almost done with manual for Gentoo - but need some help



On 9/17/07, Joseph <..hidden..> wrote:
> OK, I still stuck.
>
> I did:
> edgersmb_db=# UPDATE users_conf SET password = md5('syscon') WHERE id = 1;
> UPDATE 1
> ledgersmb_db=# \q
>
> # /etc/init.d/postgresql restart
>
> But When I'm trying to login:
> $ psql -U ledgersmb
> Password:
> psql: FATAL:  password authentication failed for user "ledgersmb"
>
> I have in: pg_hba.conf
> local   all         all                               md5
> host    all         all         127.0.0.1/32        md5
>
>
> I am always getting stuck on this part.

This can be confusing.  The pg_hba.conf file refers to how the
postgreSQL server identifies and authenticates external users to the
server itself.  So to log into the server as ledgersmb, you'd need a
system user called ledgersmb with an md5 password (see the createuser
command).

Once you're authenticated to the server process and allowed to connect
to a particular table, now you use the internal table in ledgersmb to
access ledgersmb itself (that's what the user_conf table is all
about).

Easiest way to do this is:
If apache is on the same server as postgresql, change the pg_hba.conf
line from md5 to trust.  Make sure you only do this on lines that
reference localhost or 127.0.0.1 (and only on a system no one can log
into as a user).

Big security note:  this is not the recommended (and certainly not the
most secure way) to do this, but it tears down one of the gauntlets.
Once you read up on and understand how PostgreSQL security works,
you'll likely want to remove the trust.

If Apache and PostgreSQL are on different servers, you need to start
reading the PostgreSQL administrators manual.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
            - Nemesis Air Racing Team motto