Re: PostgreSQL-Problem and Problem on Alioth

To: debian-devel@lists.debian.org
Cc: Debian Developers <debian-devel@lists.debian.org>
Subject: Re: PostgreSQL-Problem and Problem on Alioth
From: Andreas Tille <tillea@rki.de>
Date: Wed, 26 Jan 2005 09:57:28 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.61.0501260947560.17333@wr-linux02>
In-reply-to: <[🔎] 20050126081956.GA7436@box79162.elkhouse.de>
References: <[🔎] Pine.LNX.4.61.0501250941060.24005@wr-linux02> <[🔎] 20050125093837.GB11501@box79162.elkhouse.de> <[🔎] 20050125233827.GA13219@seanius.net> <[🔎] 20050126081956.GA7436@box79162.elkhouse.de>

On Wed, 26 Jan 2005, Martin Pitt wrote:

Well, this is not _exactly_ right since you can map system users to
database users in pg_ident.conf, but that would mean yet another
conffile to touch.

... which should probably be avoided.  Moreover I had bad experiences while
trying that some years ago.

I think pg_hba.conf does not have this feature. However, if that would
help and some kind of pg_hba.d/ structure would solve problems, I
think it would not be that hard to add that feature for Debian.

IMHO this would be really great.  Currently I prepend the following lines
in pg_hba.conf:


### DO NOT REMOVE THIS LINE: GNUMED_SERVER_CONFIG_DONE
### Next lines inserted by gnumed-server install
#
## Enable bootstraping the GnuMed-Server
#
# Enables socket authentification to template1 for users mentioned in
# file $PGDATA/gmTemplate1User.list (=gm-dbowner) with PASSWORD authentication
# to enable creating gnumed database and users
local        template1      @gmTemplate1User.list                  password
#
# Enables socket authentification to gnumed-test for users mentioned in
# file $PGDATA/gmTemplate1User.list (=gm-dbowner) with authentication TRUST
# to pupulate database with data.  Unfortunately the current bootstraping method
# requires TRUST. :-(
local        gnumed-test    @gmTemplate1User.list                  trust
#
## Enable client connections to the GnuMed-Server
#
# Enables socket authentification to gnumed-test for users mentioned in
# file $PGDATA/gmGnumedUser.list with PASSWORD authentication
# The file $PGDATA/gmGnumedUser.list should be regarded as config file
# and thus it is a symlink to /etc/gnumed/gmGnumedUser.list
local   gnumed-test  @gmGnumedUser.list                     password
#
# Uncomment this to enable remote users connecting to the GnuMed server
# You have to provide <IPADDR> and <IPMASK>
#    <IPADDR> = 0.0.0.0  and  <IPMASK> = 255.255.255.255
# means connection from all hosts is allowed
#
# host    gnumed-test  @gmGnumedUser.list  <IPADDR>  <IPMASK>   md5
# hostssl gnumed-test  @gmGnumedUser.list  <IPADDR>  <IPMASK>   md5
### End gnumed-server install
### DO NOT REMOVE THIS LINE: GNUMED_SERVER_CONFIG_END

I know that gforge maintainers do similar things.  This could be much cleaner
be done with
         pg_hba.d/50_gnumed
         pg_hba.d/50_gforge
         ...
whatever and I would greatly appreciate this.

However, the general approach to these web applications wrt
databases should be discussed, and a generally working solution should
be found before I start hacking. :-)

Sure.

Kind regards

          Andreas.

--
http://fam-tille.de

Reply to:

References:
- PostgreSQL-Problem and Problem on Alioth
  - From: Andreas Tille <tillea@rki.de>
- Re: PostgreSQL-Problem and Problem on Alioth
  - From: Martin Pitt <martin@piware.de>
- Re: PostgreSQL-Problem and Problem on Alioth
  - From: sean finney <seanius@debian.org>
- Re: PostgreSQL-Problem and Problem on Alioth
  - From: Martin Pitt <martin@piware.de>

Prev by Date: Bug#292299: ITP: policyrcd -- policy-compliant interface from invoke-rc.d to local config files
Next by Date: Re: scripts to download porn in Debian?
Previous by thread: Re: PostgreSQL-Problem and Problem on Alioth
Next by thread: Processed: Re 275388 - mounting at boot time under grub
Index(es):
- Date
- Thread