1 |
On 04/26/13 20:25, James Cloos wrote: |
2 |
>>>>>> "J" == Joseph <syscon780@×××××.com> writes: |
3 |
> |
4 |
>J> In my "pg_hba.conf" I have: |
5 |
> |
6 |
>J> local all all trust |
7 |
>J> host all all 127.0.0.1/32 trust |
8 |
> |
9 |
>J> I was under impression that this is configuration is for localhost "127.0.0.1" access only. |
10 |
> |
11 |
>That tells pg how to authenticate users using the unix domain socket and |
12 |
>users using tcp over the loopback interface. |
13 |
> |
14 |
>To limit the listen_address, edit postgresql.conf in that directory. |
15 |
> |
16 |
>You want to have: |
17 |
> |
18 |
> listen_addresses = 'localhost' |
19 |
> |
20 |
>or: |
21 |
> |
22 |
> listen_addresses = '127.0.0.1' |
23 |
> |
24 |
>to prevent any access attempts from any non-localhost ip addresses. |
25 |
> |
26 |
>-JimC |
27 |
>-- |
28 |
>James Cloos <cloos@×××××××.com> OpenPGP: 1024D/ED7DAEA6 |
29 |
|
30 |
Thanks James for your help. |
31 |
I'll explain what am doing and trying to accomplish. |
32 |
|
33 |
On my sever (local desktop box) I run postgresql and have access to all databases. |
34 |
I'm using sql-ledger program, which uses firefox via apache to access postgresql. In apache I can easily control which IP has access to my box, this is not a problem. |
35 |
|
36 |
Postgresql has a user "sql-ledger" and I don't wont to create new users. sql-ledger has access to two databases. |
37 |
On localhost (where postgresql is running) I want to have access to both databases (eg. db1 and db2) |
38 |
but I want to limit access from other computers on the network to only one database. |
39 |
|
40 |
Is it possible? |
41 |
I've tried various combination in pg_hba.conf but nothing works. |
42 |
|
43 |
The first line line in pg_hba.conf (below) will allow connection to both databases (db1 and db2) to a box that I'll allow via apache to access postgresql. |
44 |
local all sql-ledger trust |
45 |
|
46 |
the line below will have no effect |
47 |
host clinic sql-ledger 192.168.139.1/32 trust |
48 |
|
49 |
How do I limit IP 192.168.139.1 to only one database and have full access from localhost to both databases. |
50 |
|
51 |
Thank you for your help! |
52 |
-- |
53 |
Joseph |