diff options
| author | Bruce Momjian <bruce@momjian.us> | 2004-08-01 05:59:13 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2004-08-01 05:59:13 +0000 |
| commit | e7029b212755594bbfb4325fffd2dbd7b00eef08 (patch) | |
| tree | 4b873a2272d0c18706b3398502d765aa607e51a7 /src/backend | |
| parent | 9d623ed252a73b5f57e2a764c6e631be19577a81 (diff) | |
| download | postgresql-e7029b212755594bbfb4325fffd2dbd7b00eef08.tar.gz postgresql-e7029b212755594bbfb4325fffd2dbd7b00eef08.zip | |
>I got a new idea on this. I think we should add an initdb option that
>takes a string to specify the local authentication method:
>
> initdb --auth 'ident'
>
>or whatever the user wants. I think this is more flexible and more
>compact. It would default to 'trust', and the packagers could
>set it to
>whatever they want. If their OS supports local ident, they can use
>that.
>
>Also keep in mind you might want some ident map file:
>
> initdb --auth 'ident mymap'
>
>so you would need to allow multiple words in the string.
Magnus Hagander
Diffstat (limited to 'src/backend')
| -rw-r--r-- | src/backend/libpq/pg_hba.conf.sample | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/src/backend/libpq/pg_hba.conf.sample b/src/backend/libpq/pg_hba.conf.sample index bd9120676a2..e857b12bdc3 100644 --- a/src/backend/libpq/pg_hba.conf.sample +++ b/src/backend/libpq/pg_hba.conf.sample @@ -48,20 +48,16 @@ # Put your actual configuration here # ---------------------------------- # -# CAUTION: The default configuration allows any local user to connect -# using any PostgreSQL user name, including the superuser, over either -# Unix-domain sockets or TCP/IP. If you are on a multiple-user -# machine, the default configuration is probably too liberal for you. -# Change it to use something other than "trust" authentication. -# # If you want to allow non-local connections, you need to add more # "host" records. Also, remember TCP/IP connections are only enabled # if you enable "tcpip_socket" in postgresql.conf. +@authcomment@ + # TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD -local all all trust +local all all @authmethod@ # IPv4-style local connections: -host all all 127.0.0.1 255.255.255.255 trust +host all all 127.0.0.1 255.255.255.255 @authmethod@ # IPv6-style local connections: -host all all ::1/128 trust +host all all ::1/128 @authmethod@ |