Re: 8.4 vs. 9.x: 127.0.0.0/8

Поиск
Список
Период
Сортировка
От Felipe Gasper
Тема Re: 8.4 vs. 9.x: 127.0.0.0/8
Дата
Msg-id 55CC2E7A.7040504@felipegasper.com
обсуждение исходный текст
Ответ на Re: 8.4 vs. 9.x: 127.0.0.0/8  (Martín Marqués <martin@2ndquadrant.com>)
Список pgsql-general
Дерево обсуждения 
Dear Martín,

    Thank you for leading us to the right solution!

    (We’re also suspecting some change in the networking stack from CentOS
6 to 7 may be playing a part here, too, FYI.)

-FG

On 11 Aug 2015 6:30 PM, Martín Marqués wrote:
> I think there might be some misunderstanding here:
>
> El 11/08/15 a las 17:19, Felipe Gasper escribió:
>> Hello all,
>>
>>      We are noticing what appears to be a significant difference between
>> PostgreSQL 9.x and 8.4. Not having found documentation that would point
>> us in the direction of a good solution, I thought I’d post our issue here.
>>
>> On CentOS 6 we have postgresql 8.4.20 and the following pg_hba.conf:
>>
>> local samerole all        md5
>> host samerole all  127.0.0.200   255.255.255.255   pam
>> pamservice=postgresql_cpses
>> host samerole all  127.0.0.1   255.255.255.255   md5
>> local all postgres        md5
>> host all postgres  127.0.0.1   255.255.255.255   md5
>>
>> So connections to 127.0.0.200 are handled by pam, connections to
>> 127.0.0.1 are handled by md5.
>
> No! This means that connections that come from 127.0.0.200 are handled
> by pam, not connection *to*. Same for 127.0.0.1 (which in this case
> means nothing).
>
>> If I run:
>> root@jason:/$ psql -h 127.0.0.200 -U pguser
>> Password for user pguser:
>> psql: FATAL:  PAM authentication failed for user "pguser"
>
> Which is the source IP where this command is executed.
>
>> You can see it tried to authenticate using PAM authentication.
>>
>> On CentOS 7 we have postgresql 9.2.13 and the following pg_hba.conf:
>>
>> local samerole all        md5
>> host samerole all  127.0.0.200   255.255.255.255   pam
>> pamservice=postgresql_cpses
>> host samerole all  127.0.0.1   255.255.255.255   md5
>> local all postgres        md5
>> host all postgres  127.0.0.1   255.255.255.255   md5
>>
>> But, running the command above yields a different result:
>> root@i-0000764a [/usr/local/cpanel]# psql -h 127.0.0.200 -U pguser
>> Password for user pguser:
>> psql: FATAL:  password authentication failed for user "pguser"
>
> Well, which is the IP from where you are running this command?
>
> I guess the answer is in some place around that.
>
> Regards,
>

В списке pgsql-general по дате отправления:

Предыдущее
От: "Joshua D. Drake"
Дата:
Сообщение: Re: Sync replication + high latency server
Следующее
От: Aviel Buskila
Дата:
Сообщение: repmgr won't update witness after failover