[ckan-dev] postgres permissions
David Read
david.read at okfn.org
Wed Oct 5 15:04:02 UTC 2011
Hi Florian,
I understand from your messages on Bitbucket that you're having
problems with postgres permissions.
https://bitbucket.org/okfn/ckan/pull-request/2/add-h-localhost-to-postgres-command-for#comment-301
You did:
$ paster --plugin=ckan db dump ckan.dump --config=/etc/ckan/std/std.ini
which runs pg_dump like this:
$ pg_dump --username=std -W std > ckan.dump
but you get this error:
FATAL: Ident authentication failed for user "std"
Whereas you get success if you add "-h localhost" to the pg_dump command.
The error is due to your postgres permissions setup, I believe
(/etc/postgresql/8.4/main/pg_hba.conf) and I suggest you fix this,
rather than add the loopback complexity to the command line interface
code.
I'm no expert on postgres permissions, and wish I knew more about
them, but from what I can work out:
If you don't specify -h then it goes straight to the postgres process
- Unix domain socket, known as "local" in pg_hba.conf.
Whereas "-h localhost" uses the loopback interface and has different
permissions in pg_hba.conf. In my conf it is known by CIDR
"127.0.0.1/32".
I hope that helps. Of course, if you can shed any more light on the
general area, then it would be much appreciated.
David
More information about the ckan-dev
mailing list