User story #8901
closed
Added by Florian Heigl about 8 years ago.
Updated over 5 years ago.
Description
Rudder adds it's own entries to pg_hba.conf.
Unfortunately, they are not marked as managed by rudder.
Also they're at the start of the file instead of the end, where all the other auth settings are.
Looks really sloppy, like a drunk admin did it.
@[root@rudder data]# head pg_hba.conf ; echo "SNIPSNAP" ; tail pg_hba.conf
host all rudder 127.0.0.1/32 md5
host all rudder ::1/128 md5
- PostgreSQL Client Authentication Configuration File
- ===================================================
#
- Refer to the "Client Authentication" section in the
- PostgreSQL documentation for a complete description
- of this file. A short synopsis follows.
#
- This file controls: which hosts are allowed to connect, how clients
SNIPSNAP
- TYPE DATABASE USER CIDR-ADDRESS METHOD
- "local" is for Unix domain socket connections only
local all all ident
- IPv4 local connections:
host all all 127.0.0.1/32 ident
- IPv6 local connections:
host all all ::1/128 ident@
- Assignee set to Alexis Mousset
- Priority changed from N/A to 4
- Target version set to 4.0.0~rc2
- Target version changed from 4.0.0~rc2 to 321
- Target version changed from 321 to 4.0.1
- Target version changed from 4.0.1 to 4.0.2
- Target version changed from 4.0.2 to 4.0.3
- Target version changed from 4.0.3 to 4.0.4
- Tracker changed from Bug to User story
- Target version changed from 4.0.4 to 4.0.5
- Target version changed from 4.0.5 to 4.0.6
- Target version changed from 4.0.6 to 4.0.7
- Target version changed from 4.0.7 to 357
- Target version changed from 357 to 4.1.6
- Target version changed from 4.1.6 to 4.1.7
- Target version changed from 4.1.7 to 4.1.8
- Target version changed from 4.1.8 to 4.1.9
- Target version changed from 4.1.9 to 4.1.10
- Target version changed from 4.1.10 to Ideas (not version specific)
- Category changed from System techniques to Packaging
- Assignee changed from Alexis Mousset to Nicolas CHARLES
- Target version changed from Ideas (not version specific) to 5.0.10
we are doing a sed -i li to add the line, we should really simply do echo " " >> ${PG_HBA_FILE}
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder-packages/pull/1888
- Assignee changed from Benoît PECCATTE to Nicolas CHARLES
- Status changed from Pending technical review to Pending release
putting this at the bottom of file blocks login to postgrsql
psql: FATAL: Ident authentication failed for user "rudder
- Subject changed from beautify pg_hba.conf to Beautify pg_hba.conf
This bug has been fixed in Rudder 5.0.10 which was released today.
- Status changed from Pending release to Released
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by