[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] Debian packages
|
From: |
Karsten Hilbert |
|
Subject: |
Re: [Gnumed-devel] Debian packages |
|
Date: |
Tue, 25 Oct 2005 18:37:31 +0200 |
|
User-agent: |
Mutt/1.5.9i |
On Tue, Oct 25, 2005 at 07:39:03AM +0800, Richard Hosking wrote:
> >Which one ?
> From the Gnumed site the
>
> GNUmed-client.0.1.tgz
> <http://savannah.gnu.org/download/gnumed/GNUmed-client.0.1.tgz>
Ah, OK, that should work.
> This is my current pg_hba.conf
> I presume I will have to enable plain TCP/IP
not necessary, see comment below
> ># PostgreSQL Client Authentication Configuration File
> ># ===================================================
> >#
> ># Refer to the PostgreSQL Administrator's Guide, chapter "Client
> ># Authentication" for a complete description. A short synopsis
> ># follows.
> >#
> ># This file controls: which hosts are allowed to connect, how clients
> ># are authenticated, which PostgreSQL user names they can use, which
> ># databases they can access. Records take one of seven forms:
> >#
> ># local DATABASE USER METHOD [OPTION]
> ># host DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
> ># hostssl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
> ># hostnossl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
> ># host DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
> ># hostssl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
> ># hostnossl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
> >#
> ># (The uppercase quantities should be replaced by actual values.)
> ># The first field is the connection type: "local" is a Unix-domain socket,
> ># "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
> ># SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
> ># DATABASE can be "all", "sameuser", "samegroup", a database name (or
> ># a comma-separated list thereof), or a file name prefixed with "@".
> ># USER can be "all", an actual user name or a group name prefixed with
> ># "+", an include file prefixed with "@" or a list containing either.
> ># IP-ADDRESS and IP-MASK specify the set of hosts the record matches.
> ># CIDR-MASK is an integer between 0 and 32 (IPv6) or 128(IPv6)
> ># inclusive, that specifies the number of significant bits in the
> ># mask, so an IPv4 CIDR-MASK of 8 is equivalent to an IP-MASK of
> ># 255.0.0.0, and an IPv6 CIDR-MASK of 64 is equivalent to an IP-MASK
> ># of ffff:ffff:ffff:ffff::. METHOD can be "trust", "reject", "md5",
> ># "crypt", "password", "krb5", "ident", or "pam". Note that
> ># "password" uses clear-text passwords; "md5" is preferred for
> ># encrypted passwords. OPTION is the ident map or the name of the PAM
> ># service.
> >#
> ># INCLUDE FILES:
> ># If you use include files for users and/or databases (see PostgreSQL
> ># documentation, section 19.1), these files must be placed in the
> ># database directory. Usually this is /var/lib/postgres/data/, but
> ># that can be changed in /etc/postgresql/postmaster.conf with the
> ># POSTGRES_DATA variable. Putting them in /etc/postgresql/ will NOT
> ># work since the configuration files are only symlinked from
> ># POSTGRES_DATA.
> >#
> ># This file is read on server startup and when the postmaster receives
> ># a SIGHUP signal. If you edit the file on a running system, you have
> ># to SIGHUP the postmaster for the changes to take effect, or use
> ># "pg_ctl reload".
> >#
> ># Upstream default configuration
> >#
> ># The following configuration is the upstream default, which allows
> ># unrestricted access to amy database by any user on the local machine.
> >#
> ># TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
> >#
> >local all all trust
This line should be sufficient to allow unfettered access to
your local GNUmed database. However, I assume you don't
actually *have* a local database, do you ? You'd have had to
bootstrap it yourself on your system. Which isn't as bad as
it sounds but it's not entirely void of traps either.
> ># IPv4-style local connections:
> >host all all 127.0.0.1 255.255.255.255 trust
> ># IPv6-style local connections:
> >#
> ># Put your actual configuration here
> ># ----------------------------------
> >#
> ># This default configuration allows any local user to connect as himself
> ># without a password, either through a Unix socket or through TCP/IP; users
> ># on other machines are denied access.
> >#
> ># If you want to allow non-local connections, you need to add more
> ># "host" records before the final line that rejects all TCP/IP connections.
> ># Also, remember TCP/IP connections are only enabled if you enable
> ># "tcpip_socket" in /etc/postgresql/postgresql.conf.
> >#
> ># DO NOT DISABLE!
> ># If you change this first entry you will need to make sure the postgres
> >user
> ># can access the database using some other method. The postgres user needs
> ># non-interactive access to all databases during automatic maintenance
> ># (see the vacuum command and the /usr/lib/postgresql/bin/do.maintenance
> ># script).
> >#
> ># TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
> ># Database administrative login by UNIX sockets
> >local all postgres ident
> >sameuser
> >#
> ># All other connections by UNIX sockets
> >local all all ident
> >sameuser
> >#
> ># All IPv4 connections from localhost
> >host all all 127.0.0.1 255.255.255.255 ident
> >sameuser
> >#
> ># All IPv6 localhost connections
> >host all all ::1
> >ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ident sameuser
> >host all all ::ffff:127.0.0.1/128 ident
> >sameuser
> >#
> ># reject all other connection attempts
> >host all all 0.0.0.0 0.0.0.0 reject
> >
> >
> >
>
>
> _______________________________________________
> Gnumed-devel mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/gnumed-devel
>
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346