Postgresql configuration
Issue #599
resolved
I noticed a difference in postgresql configuration between recent versions and much older versions (e.g. v0.4.2). The previous configuration would be more compatible with other applications on the same machine using a different database within the same postgresql-cluster, I guess? Was there a good reason for changing this?
"local openrem_db openrem_user md5" vs "local all all md5"
v0.4.2:
The default security settings are too restrictive to allow access to the database. • sudo nano /etc/postgresql/9.1/main/pg_hba.conf • Add the following line: – local openrem_db openrem_user md5 • sudo /etc/init.d/postgresql restart
v0.8.0b1:
The default security settings are too restrictive to allow access to the database. Assumes version 9.4, change as appropriate. sudo nano /etc/postgresql/9.4/main/pg_hba.conf Scroll down to the bottom of the file and edit the following line from peer to md5: local all all md5 Don’t worry about any lines that start with a # as they are ignored. If you can’t access the database when everything else is configured, you might need to revisit this file and see if there are other lines with a method of peer that need to be md5 Restart PostgreSQL so the new settings take effect: sudo service postgresql restart
Comments (6)
-
-
reporter
Sounds like a good solution indeed!
-
Adding note about setting security for specific databases where required. Refs
#599→ <<cset 84226b755f77>>
-
Correcting syntax error, plus slight modification pointing to nano tips Refs
#599→ <<cset b87b80a722d0>>
-
- changed status to resolved
Minor correction and changes upadated. Fixes
#599→ <<cset 09efecdf3ad6>>
-
- changed milestone to 0.8.0
-
assigned issue to
Ed McDonagh
- Log in to comment
Hi @tcdewit. It was simply for convenience and simplicity so I could reduce the number of substitutions people make depending on the database name and user name. For most people, I think
all allis ok. For more advanced users, then maybe specifying the database and or the user could be useful.We could add in a simple note to say that the database name or username can be specified if you don't want a global setting.