0

I am struggling with the postgresql's access control file pg_hba.conf... it's never happy, and all I want to do is straight forward: A) Allow access to ALL from localhost B) Allow access to ALL from 10.8.0.* (VPN) C) Deny ALL remaining

I've read the wiki page on the pgsql's official website, but can't figure out what's wrong with my configuration; I connect to the VPN (which works nice) and then attempt to connect to pgsql using pgadmin => fails; I also try to install a simple punBB forum (on the same machine as the database server) and I get can't connect to database... It's all configuration issue...

Here's a sample of my current permissions:

host    all     all     10.8.0.0/24     md5
local   all         postgres                          ident
local   all         all                               ident
host    all         all         127.0.0.1/32          trust

Any ideas?

Improve this question
4
  • What's your listen_addresses line in postgresql.conf say? Commented May 17, 2011 at 12:30
  • Is that the IP of the postgresql server? Generally it's better to just leave it at * and make sure it's not commented. Then, after it's working you can experiment with making it more specific. Commented May 18, 2011 at 22:43
  • FYI, it's best to cut and paste it. for instance, if the line is: #listen_addresses='10.8.0.1' then it's not gonna work because it's commented out, etc. Commented May 18, 2011 at 23:00
  • Hello back. Thank you Scott, actually the issue was with the permissions, it's working now :) Thanks again Commented May 19, 2011 at 7:00

1 Answer 1

Reset to default
1

I have no idea which "wiki page on the pgsql's official website" have you read but the manual is quite nice and has examples:

# Allow any user on the local system to connect to any database with
# any database user name using Unix-domain sockets (the default for local
# connections).
#
# TYPE  DATABASE        USER            CIDR-ADDRESS            METHOD
local   all             all                                     trust

# The same using local loopback TCP/IP connections.
#
# TYPE  DATABASE        USER            CIDR-ADDRESS            METHOD
host    all             all             127.0.0.1/32            trust

# Allow any user from 10.8.0.0/24 to connect to all
# databases if the user's password is correctly supplied.
#
# TYPE  DATABASE        USER            CIDR-ADDRESS            METHOD
host    all             all             10.8.0.0/24             md5

And don't forget to reload the server after the changes.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

host all all 10.8.0.0/24 md5 this isn't working, php was unable to connect to pgsql... And I was talking about this wiki: wiki.postgresql.org/wiki/Client_Authentication
Well, "isn't working" and "unable to connect" are not informative enough for me. Could you paste the error you see when you try to connect with your php app and also could you take a look in the Postges log for any authentication errors.
Man that's crazy... I've just re-pasted the whole permissions and it worked.... Thank you very much

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.