On 08/11/2015 03:06 PM, Felipe Gasper wrote:
> On 11 Aug 2015 5:56 PM, Adrian Klaver wrote:
>> On 08/11/2015 01:19 PM, Felipe Gasper wrote:
>>> Hello all,
>>>
>>> We are noticing what appears to be a significant difference between
>>> PostgreSQL 9.x and 8.4. Not having found documentation that would point
>>> us in the direction of a good solution, I thought I’d post our issue
>>> here.
>>>
>>> On CentOS 6 we have postgresql 8.4.20 and the following pg_hba.conf:
>>>
>>> local samerole all md5
>>> host samerole all 127.0.0.200 255.255.255.255 pam
>>> pamservice=postgresql_cpses
>>> host samerole all 127.0.0.1 255.255.255.255 md5
>>> local all postgres md5
>>> host all postgres 127.0.0.1 255.255.255.255 md5
>>>
>>> So connections to 127.0.0.200 are handled by pam, connections to
>>> 127.0.0.1 are handled by md5.
>>>
>>> If I run:
>>> root@jason:/$ psql -h 127.0.0.200 -U pguser
>>> Password for user pguser:
>>> psql: FATAL: PAM authentication failed for user "pguser"
>>>
>>> You can see it tried to authenticate using PAM authentication.
>>>
>>> On CentOS 7 we have postgresql 9.2.13 and the following pg_hba.conf:
>>>
>>> local samerole all md5
>>> host samerole all 127.0.0.200 255.255.255.255 pam
>>> pamservice=postgresql_cpses
>>> host samerole all 127.0.0.1 255.255.255.255 md5
>>> local all postgres md5
>>> host all postgres 127.0.0.1 255.255.255.255 md5
>>>
>>> But, running the command above yields a different result:
>>> root@i-0000764a [/usr/local/cpanel]# psql -h 127.0.0.200 -U pguser
>>> Password for user pguser:
>>> psql: FATAL: password authentication failed for user "pguser"
>>>
>>> It tried to use password auth instead of PAM. We think postgresql might
>>> be seeing any 127.0.0.0/8 address as 127.0.0.1. Could you please shed
>>> some light on the issue or point us in the right direction on how to
>>> make the 9.2.13 configuration function as the 8.4.20 configuration does?
>>
>> Are you sure you are pointing at the right instance of Postgres?
>>
>> Or to put it another way, is there more than one Postgres server running
>> on the machine?
>>
>
> Hi Adrian,
>
> Thanks for your prompt response!
>
> There is only one PostgreSQL instance on the PGSQL 9.2 machine.
What does the Postgres log show when you do the above?
>
> -F
>
--
Adrian Klaver
adrian.klaver@aklaver.com