Re: confusion about user paring with pg_hba and pg_ident

On Tue, Oct 11, 2016 at 4:20 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> arnaud gaboury <arnaud(dot)gaboury(at)gmail(dot)com> writes:
>
> > I am a little confused about some of my settings when it comes to map
>
> > linux/psql users.
>
>
>
> I think you're misunderstanding what the user-mapping stuff does.
>
> It does not silently translate the username in the connection request
>
> to something else; rather, it checks whether a user having the given
>
> external name is allowed to log in as a particular Postgres user.
>
> So there's nothing particularly wrong with your config files, but your
>
> expectation about how your Linux users should log in to the database is
>
> mistaken. dovecot needs to specify that it wants to log in as mailman,
>
> and likewise mattermost needs to specify mmuser.
>
>
>
> If it's not practical to make the client applications send non-default
>
> user names, you'll need to rename the Postgres roles to match the
> external user names.

Tom,

thank you for this point. I am not sure to understand the last part:
<rename the Postgres roles to match the external user names>. Do you mean
best would be for dovecot to log in as dovecot Postgres user, and
mattermost as mattermost Postgres user ?
Thank you for precising.

.

>
>
>
> regards, tom lane
>
>