Participants
JP Fletcher
JP Fletcher
Bruce Momjian
Bruce Momjian
Tom Lane
Tom Lane
Emanuel Calvo Franco
Emanuel Calvo Franco
Attachments
Show all attachments
Thread Outline
#1...#3
JP FletcherTom LaneBruce Momjian
Mar 09, 2009
#1JP FletcherJP Fletcher
Mar 09, 2009
#2Tom LaneTom Laneto JP Fletcher (#1)
Mar 09, 2009
#3Bruce MomjianBruce Momjianto Tom Lane (#2)
Mar 10, 2009
#4...#5
Emanuel Calvo FrancoBruce Momjian
to Bruce Momjian (#3)
Mar 10, 2009
#4Emanuel Calvo FrancoEmanuel Calvo Francoto Bruce Momjian (#3)
Mar 10, 2009
#5Bruce MomjianBruce Momjianto Emanuel Calvo Franco (#4)
Mar 10, 2009
#6JP FletcherJP Fletcherto Bruce Momjian (#3)
Mar 10, 2009

postgresql and LDAP

Started by JP Fletcherabout 17 years ago6 messagesgeneral
Jump to latest
#1JP Fletcher
JP Fletcher
jpfletch@ca.afilias.info

Hi,

I've just compiled 8.3.6 with ldap support yet I get

'FATAL: missing or erroneous pg_hba.conf file'

when I try to connect.

There weren't any errors during the compile, and ldd shows LDAP:

postgres@schema-mgmt:/opt/pgdata/log/pgsql83$ ldd
/opt/dbs/pgsql83/bin/postmaster | grep ldap
libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0xb7fd5000)

This is on ubuntu linux, and the only configure option besides prefix
was '--with-ldap'

--
JP Fletcher
Database Administrator
Afilias Canada
voice: 416.646.3304 ext. 4123
fax: 416.646.3305
mobile: 416.561.4763
jpfletch@ca.afilias.info

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: JP Fletcher (#1)
Re: postgresql and LDAP

JP Fletcher <jpfletch@ca.afilias.info> writes:

I've just compiled 8.3.6 with ldap support yet I get
'FATAL: missing or erroneous pg_hba.conf file'
when I try to connect.

Can't help you much when you don't show us the pg_hba.conf file ;-)

However, a tip that might help is that there should be more information
about the problem in the postmaster log. We intentionally don't send
details about the conf file's contents to the client...

regards, tom lane

#3Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Tom Lane (#2)
Re: postgresql and LDAP

Tom Lane <tgl@sss.pgh.pa.us> writes:

JP Fletcher <jpfletch@ca.afilias.info> writes:

I've just compiled 8.3.6 with ldap support yet I get
'FATAL: missing or erroneous pg_hba.conf file'
when I try to connect.

Can't help you much when you don't show us the pg_hba.conf file ;-)

However, a tip that might help is that there should be more information
about the problem in the postmaster log. We intentionally don't send
details about the conf file's contents to the client...

Perhaps we should send a HINT to the client saying to consult the postmaster
logs?

--
Gregory Stark
EnterpriseDB http://www.enterprisedb.com
Ask me about EnterpriseDB's RemoteDBA services!

#4Emanuel Calvo Franco
Emanuel Calvo Franco
postgres.arg@gmail.com
In reply to: Bruce Momjian (#3)
Re: postgresql and LDAP

2009/3/10 Gregory Stark <stark@enterprisedb.com>:

Tom Lane <tgl@sss.pgh.pa.us> writes:

JP Fletcher <jpfletch@ca.afilias.info> writes:

I've just compiled 8.3.6 with ldap support yet I get
'FATAL:  missing or erroneous pg_hba.conf file'
when I try to connect.

Can't help you much when you don't show us the pg_hba.conf file ;-)

However, a tip that might help is that there should be more information
about the problem in the postmaster log.  We intentionally don't send
details about the conf file's contents to the client...

Perhaps we should send a HINT to the client saying to consult the postmaster
logs?

IMHO I think is quite dangerous because someone with experience could guess
some security details.
But, could be configure the client verbose from the postgresql.conf,
in that case
could be useful.

--
 Gregory Stark
 EnterpriseDB          http://www.enterprisedb.com
 Ask me about EnterpriseDB's RemoteDBA services!

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

--
Emanuel Calvo Franco
Sumate al ARPUG !
(www.postgres-arg.org -
www.arpug.com.ar)
ArPUG / AOSUG Member
Postgresql Support & Admin

#5Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Emanuel Calvo Franco (#4)
Re: postgresql and LDAP

Emanuel Calvo Franco <postgres.arg@gmail.com> writes:

2009/3/10 Gregory Stark <stark@enterprisedb.com>:

Tom Lane <tgl@sss.pgh.pa.us> writes:

However, a tip that might help is that there should be more information
about the problem in the postmaster log.  We intentionally don't send
details about the conf file's contents to the client...

Perhaps we should send a HINT to the client saying to consult the postmaster
logs?

egg on my face -- we already *do* have such a hint:

ereport(FATAL,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("missing or erroneous pg_hba.conf file"),
errhint("See server log for details.")));

IMHO I think is quite dangerous because someone with experience could guess
some security details.

How?

--
Gregory Stark
EnterpriseDB http://www.enterprisedb.com
Ask me about EnterpriseDB's 24x7 Postgres support!

#6JP Fletcher
JP Fletcher
jpfletch@ca.afilias.info
In reply to: Bruce Momjian (#3)
Re: postgresql and LDAP

FYI, I did see the message returned to my client, and did look in the
server logs. Trouble was, the message in the log was no more helpful
than the one returned to my client, with the exception of pointing me to
the line number in pg_hba.conf.

Gregory Stark wrote:

Tom Lane <tgl@sss.pgh.pa.us> writes:

JP Fletcher <jpfletch@ca.afilias.info> writes:

I've just compiled 8.3.6 with ldap support yet I get
'FATAL: missing or erroneous pg_hba.conf file'
when I try to connect.

Can't help you much when you don't show us the pg_hba.conf file ;-)

However, a tip that might help is that there should be more information
about the problem in the postmaster log. We intentionally don't send
details about the conf file's contents to the client...

Perhaps we should send a HINT to the client saying to consult the postmaster
logs?

--
JP Fletcher
Database Administrator
Afilias Canada
voice: 416.646.3304 ext. 4123
fax: 416.646.3305
mobile: 416.561.4763
jpfletch@ca.afilias.info

← Back to Topics