[Babase] connecting to psql
Karl O. Pinc
babase@www.eco.princeton.edu
Thu, 06 Oct 2005 16:45:18 +0000
On 10/06/2005 11:08:48 AM, Karl O. Pinc wrote:
>
> On 10/06/2005 10:04:56 AM, Hunter Matthews wrote:
>
>>
>> I'm open to suggestions about how to secure user access and still
>> have
>> a
>> functioning backup system.
Ok, fine. Here's a better method:
In postgresql.conf do:
listen_addresses = localhost, 127.0.0.2
In pg_hba.conf do:
host all all 127.0.0.2/32 pam
Configure pam to only allow root, via the pam_rootok module.
auth required pam_rootok
Have your backup program use the 127.0.0.2 host.
Then pg_hba.conf can do md5 on the local access method.
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein