Postgresql configuration
Issue #599
resolved
I noticed a difference in postgresql configuration between recent versions and much older versions (e.g. v0.4.2). The previous configuration would be more compatible with other applications on the same machine using a different database within the same postgresql-cluster, I guess? Was there a good reason for changing this?
"local openrem_db openrem_user md5" vs "local all all md5"
v0.4.2:
The default security settings are too restrictive to allow access to the database.
• sudo nano /etc/postgresql/9.1/main/pg_hba.conf
• Add the following line:
– local openrem_db openrem_user md5
• sudo /etc/init.d/postgresql restart
v0.8.0b1:
The default security settings are too restrictive to allow access to the database. Assumes
version 9.4, change as appropriate.
sudo nano /etc/postgresql/9.4/main/pg_hba.conf
Scroll down to the bottom of the file and edit the following line from peer to md5:
local all all md5
Don’t worry about any lines that start with a # as they are ignored. If you can’t access the
database when everything else is configured, you might need to revisit this file and see if
there are other lines with a method of peer that need to be md5
Restart PostgreSQL so the new settings take effect:
sudo service postgresql restart
Comments (6)
-
-
reporter
Sounds like a good solution indeed!
-
Adding note about setting security for specific databases where required. Refs
#599→ <<cset 84226b755f77>>
-
Correcting syntax error, plus slight modification pointing to nano tips Refs
#599→ <<cset b87b80a722d0>>
-
- changed status to resolved
Minor correction and changes upadated. Fixes
#599→ <<cset 09efecdf3ad6>>
-
- changed milestone to 0.8.0
-
assigned issue to
Ed McDonagh
- Log in to comment
Hi @tcdewit. It was simply for convenience and simplicity so I could reduce the number of substitutions people make depending on the database name and user name. For most people, I think
all allis ok. For more advanced users, then maybe specifying the database and or the user could be useful.We could add in a simple note to say that the database name or username can be specified if you don't want a global setting.