[lug] PostgresSQL user mapping question

D. Stimits stimits at attbi.com
Fri Sep 27 17:08:59 MDT 2002 

Glenn Murray wrote:
> Thanks, Dan,
> 
> but...
> 
> Perhaps I didn't make this clear enough, but everything is happening
> on one box.  Port 113 is open (i.e., not firewalled), and ps -ef shows
> some identd processes when I take the firewall down.

There is a variation setting for identd, to hash/munge the reply 
information. Normally identd would reply plain text on a request against 
a user/port pair, the munging is designed as a way to slightly lower the 
possibility of gaining system information...perhaps the PostgreSQL does 
not work with the munging on. Check what options are used...for RH 7.x, 
/etc/sysconfig/identd, compare that against man page for identd options. 
Also, I did not look closely at your settings, but I believe config 
files state whether things like SSL are allowed or required...if you 
require it and SSL is not set up, this would also fail. Check files in 
/var/lib/pgsql/data/ for what is being required/allowed, and be sure to 
consider whether such a means is running and configured on your system.

D. Stimits, stimits AT attbi.com

> 
> Glenn Murray
> http://www.mines.edu/~gmurray
> 
> On Fri, 27 Sep 2002, D. Stimits wrote:
> 
> 
>>...
>>
>>>postgres:~$ createdb -U ocw ocwdb
>>>psql: FATAL 1:  IDENT authentication failed for user "ocw"
>>
>>...
>>
>>For each linux machine involved, be sure port 113 is open. Also, make
>>sure the identd service is running on each machine (if you can "telnet
>>localhost 113", it is running)...if Redhat, use chkconfig to list/alter
>>runlevels of identd. For redhat, runlevels 2-5 on are appropriate.
>>
>>I'm not sure when it applies, but in some cases it may be necessary for
>>user ID numbers from /etc/passwd to be the same on both remote and local
>>systems...I wouldn't go mucking with UID's, but you might go to the docs
>>for this issue if starting identd fails to do the job.
>>
>>D. Stimits, stimits AT attbi.com
>>
>>_______________________________________________
>>Web Page:  http://lug.boulder.co.us
>>Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>>
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>

More information about the LUG mailing list