From: | arnaud gaboury <arnaud(dot)gaboury(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: confusion about user paring with pg_hba and pg_ident |
Date: | 2016-10-12 08:30:19 |
Message-ID: | CAK1hC9u3_WOhrA-_r8M8PS-A4z=N5VzwvuQKaFsSY5CUny0adw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Tue, Oct 11, 2016 at 4:20 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> arnaud gaboury <arnaud(dot)gaboury(at)gmail(dot)com> writes:
>
> > I am a little confused about some of my settings when it comes to map
>
> > linux/psql users.
>
>
>
> I think you're misunderstanding what the user-mapping stuff does.
>
> It does not silently translate the username in the connection request
>
> to something else; rather, it checks whether a user having the given
>
> external name is allowed to log in as a particular Postgres user.
>
> So there's nothing particularly wrong with your config files, but your
>
> expectation about how your Linux users should log in to the database is
>
> mistaken. dovecot needs to specify that it wants to log in as mailman,
>
> and likewise mattermost needs to specify mmuser.
>
>
>
> If it's not practical to make the client applications send non-default
>
> user names, you'll need to rename the Postgres roles to match the
> external user names.
Tom,
thank you for this point. I am not sure to understand the last part:
<rename the Postgres roles to match the external user names>. Do you mean
best would be for dovecot to log in as dovecot Postgres user, and
mattermost as mattermost Postgres user ?
Thank you for precising.
.
>
>
>
> regards, tom lane
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | arnaud gaboury | 2016-10-12 09:07:24 | Re: confusion about user paring with pg_hba and pg_ident |
Previous Message | Albe Laurenz | 2016-10-12 07:50:26 | Re: SERIALIZABLE and INSERTs with multiple VALUES |