Trying to secure PostgreSQL
alexander v p
alex at big-blue.net
Fri Sep 12 17:10:22 PDT 2003
story short:
su -l postgres -c "/usr/local/pgsql/bin/postmaster -o -i -D /usr/local/pgsql/data -s &"
in the /etc/rc.local and it will start postgres w/o asking for
password. now, be carefull and read ( man postmaster) about switches.
if you need more help, please let us know. if it works let us know also
:-). i'll go to dig up some more info about config files in /data.
$0.02
alex
On Fri, 12 Sep 2003, Kirk Strauser wrote:
> At 2003-09-12T22:36:43Z, alexander v p <alex at big-blue.net> writes:
>
> > look in /usr/local/pgsql/data/pg_hba.conf
> > by default is:
> >
> > local all all trust
> > host all all 127.0.0.1 255.255.255.255 trust
> >
> > what you have to do is to change trust into password or md5
> > hope that helps
> > alex
> > p.s. restart postgres after you change the conf file.
>
> But when I do that, I'm prompted to enter the password for 'pgsql' whenever
> I start the service. That's pretty inconvenient when it's part of the boot
> process; the system would be effectively hung until I accessed the box,
> entered the password, and let the init sequence finish.
>
> I'd read of people coming up with a mechanism to pipe a password from some
> (hopefully) secure file on the system into the password prompt. Is that
> really the best way to handle this?
> --
> Kirk Strauser
>
More information about the freebsd-questions
mailing list