| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Using both ident and password in pg_hba.conf |
| Date: | 2016-05-09 20:02:53 |
| Message-ID: | ab5b9cd3-556b-200c-2408-12c23722b97d@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 05/09/2016 12:44 PM, D'Arcy J.M. Cain wrote:
> Here's my situation. I have a mix of users. Some are running PHP
> sites and some are not. PHP runs as the web server owner, "nobody."
> Everyone else runs as their own user.
>
> Since the PHP sites run as nobody I want to require password but accept
> ident (from the server I control) for the rest. There does not appear
> to be a way to specif that. Here was one attempt:
>
> host all nobody 192.168.151.75/32 password
> host all all 192.168.151.75/32 ident
>
> But that doesn't work. The actual user according to ident is nobody
> but the request is for a specific user. As a result it isn't
> recognized by the first line so it tries ident anyway and fails.
>
> Is there any way to accomplish what I want? Any help appreciated.
So define PHP runs as 'nobody'?
Is that the script's user permissions?
Or is that the database user the script is connecting as?
Is 'nobody' defined as a database user?
>
> Cheers.
>
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | D'Arcy J.M. Cain | 2016-05-09 20:18:39 | Re: Using both ident and password in pg_hba.conf |
| Previous Message | D'Arcy J.M. Cain | 2016-05-09 19:44:28 | Using both ident and password in pg_hba.conf |