Problem with PostgreSQL IDENT error


(Maroustian) #1

hi all…


i'm stuck on step_02…



when i try this i get the mysource error:



[codebox]

+-------------------------------------------------+
| MySource Error                                  |
|-------------------------------------------------|
| DB Error: connect failed                        |
+-------------------------------------------------+

[/codebox]



my main.inc file looks like this:



[codebox]

define('SQ_CONF_DB_DSN', 'pgsql://matrix@unix()/mysource_matrix');

define('SQ_CONF_DB2_DSN', 'pgsql://matrix@unix()/mysource_matrix');

define('SQ_CONF_DB3_DSN', 'pgsql://matrix_secondary@unix()/mysource_matrix');

define('SQ_CONF_DBCACHE_DSN', 'pgsql://matrix@unix()/mysource_matrix');

[/codebox]



the user and database seem correct… is [codebox]unix()[/codebox] correct?



thanks…


(Maroustian) #2

this line precedes the error:


FATAL: IDENT authentication failed for user "matrix"



i can connect to the DB with matrix from the command line:



psql -h localhost -U matrix mysource_matrix


(Avi Miller) #3

This means there is a problem with pg_hba.conf and the permissions you have configured for PostgreSQL. Can you post the pg_hba.conf contents?

(Maroustian) #4

sure thanks for the speedy reply avi…
[codebox]

# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the PostgreSQL Administrator's Guide, chapter "Client
# Authentication" for a complete description. A short synopsis
# follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of seven forms:
#
# local DATABASE USER METHOD [OPTION]
# host DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# hostssl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# hostnossl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
# host DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
# hostssl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
# hostnossl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
#
# (The uppercase quantities should be replaced by actual values.)
# The first field is the connection type: "local" is a Unix-domain socket,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
# DATABASE can be "all", "sameuser", "samegroup", a database name (or
# a comma-separated list thereof), or a file name prefixed with "@".
# USER can be "all", an actual user name or a group name prefixed with
# "+" or a list containing either. IP-ADDRESS and IP-MASK specify the
# set of hosts the record matches. CIDR-MASK is an integer between 0
# and 32 (IPv4) or 128 (IPv6) inclusive, that specifies the number of
# significant bits in the mask, so an IPv4 CIDR-MASK of 8 is equivalent
# to an IP-MASK of 255.0.0.0, and an IPv6 CIDR-MASK of 64 is equivalent
# to an IP-MASK of ffff:ffff:ffff:ffff::. METHOD can be "trust", "reject",
# "md5", "crypt", "password", "krb4", "krb5", "ident", or "pam". Note
# that "password" uses clear-text passwords; "md5" is preferred for
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
# "pg_ctl reload".


# Put your actual configuration here
# ----------------------------------
#
# CAUTION: The default configuration allows any local user to connect
# using any PostgreSQL user name, including the superuser, over either
# Unix-domain sockets or TCP/IP. If you are on a multiple-user
# machine, the default configuration is probably too liberal for you.
# Change it to use something other than "trust" authentication.
#
# If you want to allow non-local connections, you need to add more
# "host" records. Also, remember TCP/IP connections are only enabled
# if you enable "tcpip_socket" in postgresql.conf.


# DO NOT DISABLE!
# If you change this first entry you will need to make sure that the
# database
# super user can access the database using some other method.
# Noninteractive
# access to all databases is required during automatic maintenance
# (autovacuum, daily cronjob, replication, and similar tasks).
#
# Database administrative login by UNIX sockets
local all postgres ident sameuser

# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD

local all all ident sameuser
# IPv4-style local connections:
# host all all 127.0.0.1 255.255.255.255 md5
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff md5

host all all 192.168.10.93 255.255.255.255 trust
[/codebox]

i gave the loopback trusted authentication as i hadn't set a password yet...

(Maroustian) #5

ok… avi…


i changed the authentication method for local from ident sameuser to trust…



step_02 seems to go without any errors [that i can tell]…



is this a security threat?



should i change it back once i have installed mysource_matrix?



thanks…


(Avi Miller) #6

[quote]is this a security threat?
should i change it back once i have installed mysource_matrix?[/quote]



You can't change it back – Matrix uses two different user accounts to connect to PostgreSQL and "ident sameuser" only allows a single user connection. As long as you lock access to the database to the local machine (or to the specific webserver if you're running multiple servers) you should be fine.


(Duds) #7

Something that worked for me was adding a host entry for users matrix and matrix_secondary, with access set to trust for database mysource_matrix. I have another config too where I have used md5 and added them as regular users with passwords.


If I added:



indent sameuser



Postgres wouldn't start.
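
Why `psql -h localhost` connected in #2 while the `unix()` DSN failed with IDENT, as an added example that is not part of any post in this thread: a minimal first-match evaluator run over the active records from the pg_hba.conf posted in #4. The web server account name `www-data` and `localhost` resolving to 127.0.0.1 are assumptions, and the function names are illustrative.

```python
import ipaddress
# Active (non-comment) records from the pg_hba.conf posted in #4.
PG_HBA = """\
local all postgres ident sameuser
local all all ident sameuser
host all all 127.0.0.1 255.255.255.255 trust
host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff md5
host all all 192.168.10.93 255.255.255.255 trust
"""

def parse(text):
    """Parse local/host records; group (+name) and @file forms are not handled."""
    rules = []
    for line in text.splitlines():
        f = line.split("#", 1)[0].split()
        if not f:
            continue
        net = None
        if f[0] != "local":
            addr, _, prefix = f.pop(3).partition("/")
            if not prefix:  # separate IP-MASK column: count its set bits
                prefix = bin(int(ipaddress.ip_address(f.pop(3)))).count("1")
            net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        rules.append({"type": f[0], "db": f[1].split(","), "user": f[2].split(","),
                      "net": net, "method": " ".join(f[3:])})
    return rules

def first_match(rules, db, user, client_ip=None):
    """First matching record decides; client_ip=None means a Unix-domain socket."""
    for r in rules:
        if (r["type"] == "local") != (client_ip is None):
            continue
        if r["net"] is not None and ipaddress.ip_address(client_ip) not in r["net"]:
            continue
        if {"all", db} & set(r["db"]) and {"all", user} & set(r["user"]):
            return r
    return None

def outcome(rule, pg_user, os_user=None):
    if rule is None:
        return "rejected: no matching record"
    if rule["method"] == "ident sameuser":  # OS account name must equal the DB user
        return "accepted" if os_user == pg_user else "rejected: IDENT failed"
    return "accepted without credentials" if rule["method"] == "trust" else "needs " + rule["method"]

RULES = parse(PG_HBA)
# DSN pgsql://matrix@unix()/...: Unix socket; "www-data" is an assumed web server account.
WEB = outcome(first_match(RULES, "mysource_matrix", "matrix"), "matrix", "www-data")
# psql -h localhost -U matrix: TCP, assuming localhost resolves to 127.0.0.1.
CLI = outcome(first_match(RULES, "mysource_matrix", "matrix", "127.0.0.1"), "matrix")
```

Changing the `local all all` record to `trust` makes the socket path behave like the 127.0.0.1 record: any local OS account can connect as any database user, which is the case the file's own CAUTION comment describes.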