Re: Using both ident and password in pg_hba.conf

On 05/09/2016 12:44 PM, D'Arcy J.M. Cain wrote:
> Here's my situation.  I have a mix of users.  Some are running PHP
> sites and some are not.  PHP runs as the web server owner, "nobody."
> Everyone else runs as their own user.
>
> Since the PHP sites run as nobody I want to require password but accept
> ident (from the server I control) for the rest.  There does not appear
> to be a way to specif that.  Here was one attempt:
>
> host    all       nobody   192.168.151.75/32       password
> host    all       all      192.168.151.75/32       ident
>
> But that doesn't work.  The actual user according to ident is nobody
> but the request is for a specific user.  As a result it isn't
> recognized by the first line so it tries ident anyway and fails.
>
> Is there any way to accomplish what I want?  Any help appreciated.

So define PHP runs as 'nobody'?

Is that the script's user permissions?

Or is that the database user the script is connecting as?

Is 'nobody' defined as a database user?

>
> Cheers.
>


--
Adrian Klaver
adrian.klaver@aklaver.com