Re: confusion about user paring with pg_hba and pg_ident

On 10/11/2016 04:25 AM, arnaud gaboury wrote:
> I am a little confused about some of my settings when it comes to map
> linux/psql users.
>
> I have two databases: mattermost and thetradinghall
> I have two linux users: mattermost and dovecot. mattermost is the one
> who want to talk to mattermost and dovecot the one who want to talk to
> thetradinghall.
> I have two postresql users: mmuser and mailman.
>
> Here are the relevant part of my config files:
>
> pg_hba.conf
> -------------------
> local thetradinghall mailman peer
> map=mailmap
> local mattermost mmuser peer
> map=mattermap
>
> pg_ident.conf
> ----------------------
> mailmap dovecot mailman
> mattermap mattermost mmuser
>
> * question: can I use same mapname for my both DB, or using two mapnames
> like I did is the correct way?

Yes:

https://www.postgresql.org/docs/9.5/static/auth-username-maps.html

"Since different mappings might be needed for different connections, the
name of the map to be used is specified in the map-name parameter in
pg_hba.conf to indicate which map to use for each individual connection."

>
> Now testing:
> -----------------------------
> bash-4.3$ whoami
> mattermost
> bash-4.3$ psql postgres:///mattermost?
> psql: FATAL: no pg_hba.conf entry for host "[local]", user
> "mattermost", database "mattermost", SSL off
> -----------------------------------
>
> I thought my settings told postgres that linux user mattermost was
> mapped by psql user mmuser (which of course holds the mattermost DB),
> but it seems it is not the case.
> What do I do wrong?

Did you remember to reload Postgres?

>
> Thank you for help.
>
>
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com