Обсуждение: pg_hba.conf / password, crypt,md5

Поиск
Список
Период
Сортировка

pg_hba.conf / password, crypt,md5

От
Marc Ende
Дата:
Hi there,

I think it might be a well known problem, but I haven't found a solution.

I've used a postgres 7.0 before. Now I need to upgrade to an actual version (7.2.2).
In the "old" pg_hba.conf I had the both lines in the pg_hba.conf:
local    all                    password
host    all    127.0.0.1 255.255.255.255 password

now I've tried the same but now I can logon as a valid user with an invalid password.
Postgres now allows to login with any valid username without specifying a password.

After that I'm trying to use other authorization types but it didn't gave me the
security back :(

Thanks for any hint.

Yours sincerly

Marc Ende
--

Marc Ende
consulting and development
http://www.marc-ende.de/                    me@marc-ende.de

Re: pg_hba.conf / password, crypt,md5

От
Tom Lane
Дата:
Marc Ende <me@marc-ende.de> writes:
> In the "old" pg_hba.conf I had the both lines in the pg_hba.conf:
> local    all                    password
> host    all    127.0.0.1 255.255.255.255 password

That should still work ...

> now I've tried the same but now I can logon as a valid user with an
> invalid password.  Postgres now allows to login with any valid
> username without specifying a password.

Did you SIGHUP the postmaster after editing the pg_hba.conf file?
Are you sure you are editing the same file the postmaster is looking at?

            regards, tom lane

Re: pg_hba.conf / password, crypt,md5

От
"Nick Fankhauser"
Дата:
Marc-

Just a guess here, but perhaps your new install is looking for pg_hba in a
different place, so the old one isn't getting referenced. The behavior you
describe sounds a lot like a default pg_hba.

-Nick

--------------------------------------------------------------------------
Nick Fankhauser  nickf@ontko.com  Phone 1.765.935.4283  Fax 1.765.962.9788
Ray Ontko & Co.     Software Consulting Services     http://www.ontko.com/

> -----Original Message-----
> From: pgsql-admin-owner@postgresql.org
> [mailto:pgsql-admin-owner@postgresql.org]On Behalf Of Marc Ende
> Sent: Monday, September 02, 2002 7:01 PM
> To: pgsql-admin@postgresql.org
> Subject: [ADMIN] pg_hba.conf / password, crypt,md5
>
>
> Hi there,
>
> I think it might be a well known problem, but I haven't found a solution.
>
> I've used a postgres 7.0 before. Now I need to upgrade to an
> actual version (7.2.2).
> In the "old" pg_hba.conf I had the both lines in the pg_hba.conf:
> local    all                    password
> host    all    127.0.0.1 255.255.255.255 password
>
> now I've tried the same but now I can logon as a valid user with
> an invalid password.
> Postgres now allows to login with any valid username without
> specifying a password.
>
> After that I'm trying to use other authorization types but it
> didn't gave me the
> security back :(
>
> Thanks for any hint.
>
> Yours sincerly
>
> Marc Ende
> --
>
> Marc Ende
> consulting and development
> http://www.marc-ende.de/                    me@marc-ende.de
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>


Re: pg_hba.conf / password, crypt,md5

От
"Chad R. Larson"
Дата:
At 07:56 PM 9/2/02 -0500, Nick Fankhauser wrote:
>Just a guess here, but perhaps your new install is looking for pg_hba in a
>different place, so the old one isn't getting referenced. The behavior you
>describe sounds a lot like a default pg_hba.

He said he last was using 7.0.  He should be aware that as of 7.2, the
postmaster stopped reading pg_hba.conf on each connection.  It needs a
"kill -HUP" to read the file.


         -crl
--
Chad R. Larson (CRL22)    chad@eldocomp.com
   Eldorado Computing, Inc.   602-604-3100
      5353 North 16th Street, Suite 400
        Phoenix, Arizona   85016-3228