| From: | Mike Blackwell <mike(dot)blackwell(at)rrd(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #9518: temporary login failure - "missing pg_hba entry" |
| Date: | 2014-03-28 21:36:49 |
| Message-ID: | CANPAkgvUyUgYx3eNG_Sodo5u05B-_TeO4oeKev+6S4-wtn9qiw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
This particular host is listed in pg_hba.conf by host name rather than by
IP address. Is it possible this error is due to an intermittent DNS
failure?
__________________________________________________________________________________
*Mike Blackwell | Technical Analyst, Distribution Services/Rollout
Management | RR Donnelley*
1750 Wallace Ave | St Charles, IL 60174-3401
Office: 630.313.7818
Mike(dot)Blackwell(at)rrd(dot)com
http://www.rrdonnelley.com
<http://www.rrdonnelley.com/>
* <Mike(dot)Blackwell(at)rrd(dot)com>*
On Mon, Mar 10, 2014 at 10:06 AM, Mike Blackwell <mike(dot)blackwell(at)rrd(dot)com>wrote:
> Hmm... Interesting thought. The server is built with SSL, but there's
> nothing on the app side that's explicitly enabling SSL, nor is the user
> account in question set up for SSL. That's on the TODO list at the moment.
> :)
>
> So, looks like that's not it. Thanks, though. I'd missed that
> possibility.
>
>
> __________________________________________________________________________________
> *Mike Blackwell | Technical Analyst, Distribution Services/Rollout
> Management | RR Donnelley*
> 1750 Wallace Ave | St Charles, IL 60174-3401
> Office: 630.313.7818
> Mike(dot)Blackwell(at)rrd(dot)com
> http://www.rrdonnelley.com
>
>
> <http://www.rrdonnelley.com/>
> * <Mike(dot)Blackwell(at)rrd(dot)com>*
>
>
> On Mon, Mar 10, 2014 at 9:58 AM, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>wrote:
>
>> mike(dot)blackwell(at)rrd(dot)com wrote:
>>
>> > 2014-03-09 19:53:18 CDT [30633]: [1-1] username(at)databasename10(dot)17(dot)x(dot)y(53455)FATAL: 28000: no pg_hba.conf entry for host "10.17.x.y",
>> user "username", database "databasename", SSL off
>> > 2014-03-09 19:53:18 CDT [30633]: [2-1] username(at)databasename10(dot)17(dot)x(dot)y(53455)LOCATION: ClientAuthentication, auth.c:486
>>
>> > 2014-03-09 20:05:15 CDT [32505]: [1-1] username(at)databasename10(dot)17(dot)x(dot)y(54134)LOG: 00000: duration: 13641.600 ms execute dbdpg_p28498_2:
>> >
>> > select ...;
>> >
>> > 2014-03-09 20:05:15 CDT [32505]: [2-1] username(at)databasename10(dot)17(dot)x(dot)y(54134)LOCATION: exec_execute_message, postgres.c:1991
>> >
>> > The auth failure shows up seven times over a span of approximately six
>> > seconds, with the one above being the last of the sequence.
>>
>> So the connection that actually executes queries, is using SSL? I'm
>> betting it's first trying one without SSL, failing, then trying with
>> SSL and succeeding.
>>
>> --
>> Álvaro Herrera http://www.2ndQuadrant.com/
>> PostgreSQL Development, 24x7 Support, Training & Services
>>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2014-03-29 13:04:30 | Re: Re: BUG #9611: Current jdbc driver doesn't support any classes in Java 8 java.time |
| Previous Message | Jeff Janes | 2014-03-28 17:39:52 | Re: BUG #9756: Inconsistent database after OS restart |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hiroshi Inoue | 2014-03-28 22:16:35 | Re: Re: [HACKERS] New parameter RollbackError to control rollback behavior on error |
| Previous Message | Tom Lane | 2014-03-28 21:33:55 | Re: Composite Datums containing toasted fields are a bad idea(?) |