Re: How to confirm the pg_hba.conf service is correctly working

*DEAR TOM*

just one PG instance in host

I did an experiment
When I remove pg and reinstall pg, the function of pg_hba is working
,represent that the location of pg_hba is right

----- remove
yum remove postgresql*

--- install
yum -y install
https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm

yum install postgresql10 postgresql10-server postgresql10-contrib
postgresql10-libs postgresql10-dev* -y

-----------
I have Check again the content of pg_hba.conf and "select * from
pg_hba_file_rules" consistent

Yes, this question is very tricky

Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> 於 2021年12月21日 週二 下午10:42寫道：

> shing dong <s7eqs7eq(at)gmail(dot)com> writes:
> > 1. The rules in pg_hba.conf are almost invalid
> > 2. pg_hba.conf is only useful for METHOD = trust
> > 3. check SHOW hba_file; the file location is correct
> > 4. select * from pg_hba_file_rules; checked is correct
> > 5.DB version : PostgreSQL 10.19 on x86_64-pc-linux-gnu, compiled by gcc
> > (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44), 64-bit
> > Even if you delete the text in pg_hba.conf
> > Keep only
> > host VJ VJ_USER 10.10.10.1/32 md5
> > After pg_ctl reload and Restart DB , any ip, user still can log in to
> DB
>
> It's hard to say where your mistake is, but probably the first
> thing to check is whether you're really restarting the postmaster.
> I'm wondering in particular if there's more than one PG instance
> on the machine and you're reconfiguring or restarting the wrong
> one. Other than that, retrace your steps carefully, because at
> least one of the above statements must be wrong.
>
> (I guess if you were feeling *really* paranoid, you could wonder
> whether somebody replaced your postmaster executable with a hacked
> version that doesn't apply any pg_hba checks. But pilot error
> seems like a far more probable explanation.)
>
> regards, tom lane
>