Quick Links

Re: BUG #5763: pg_hba.conf not honored

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Kaiting Chen" <kaitocracy(at)gmail(dot)com>
Cc:	pgsql-bugs(at)postgresql(dot)org
Subject:	Re: BUG #5763: pg_hba.conf not honored
Date:	2010-11-23 15:29:43
Message-ID:	8761.1290526183@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

"Kaiting Chen" <kaitocracy(at)gmail(dot)com> writes:
> From this pg_hba configuration as the user 'kaiting.chen' is not in role
> 'service' the second entry in the table should be skipped and he should
> authenticate via GSSAPI. However this does not happen.

I believe the definition of "in role" we use here is "has the privileges
of role". Since kaiting.chen is a superuser, all privilege tests will
succeed for him, including that one. IOW, a superuser is automatically
a member of every role. This isn't a bug.

regards, tom lane

In response to

BUG #5763: pg_hba.conf not honored at 2010-11-23 08:34:19 from Kaiting Chen

Responses

Re: BUG #5763: pg_hba.conf not honored at 2010-11-28 12:56:37 from Robert Haas

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Jonathan Pool	2010-11-23 18:08:07	Documentation bug: Chapter 35.4, paragraph 4
Previous Message	Jon Nelson	2010-11-23 14:37:02	Re: temporary tables, and lots of 0 byte files