Re: confirming security.

From: John R Pierce <pierce(at)hogranch(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: confirming security.
Date: 2013-02-22 19:35:08
Message-ID: 5127C86C.4020505@hogranch.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-jdbc

On 2/22/2013 8:13 AM, Maz Mohammadi wrote:
> Ahhh yes....it is now...
>
> ===========
> # TYPE DATABASE USER ADDRESS METHOD
> # "local" is for Unix domain socket connections only
> #local all all trust
> # IPv4 local connections:
> #host all all 127.0.0.1/32 trust
> # IPv6 local connections:
> #host all all ::1/128 trust
> # Allow replication connections from localhost, by a user with the
> # replication privilege.
> #local replication postgres-xc trust
> #host replication postgres-xc 127.0.0.1/32 trust
> #host replication postgres-xc ::1/128 trust
> hostssl all all 127.0.0.1/32 cert

I would leave a local line in front of that like..

local all postgres peer

this will allow the postgres user to log on regardless when using unix
sockets rather than tcp/ip (eg, when not specifying any -h hostname).
handy for database administration and fixing problems.

--
john r pierce 37N 122W
somewhere on the middle of the left coast

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Kevin Grittner 2013-02-22 19:59:01 Re: Need help extripating plpgsql
Previous Message Vitalii Tymchyshyn 2013-02-22 17:56:01 Re: can't access through SSL

Browse pgsql-jdbc by date

  From Date Subject
Next Message Maz Mohammadi 2013-02-22 20:42:06 Re: confirming security.
Previous Message Kris Jurka 2013-02-22 18:34:24 Re: JDBC - PreparedStatement reuse oddity when using setObject() with nulls and setTimestamp()