Hello all, I am interested in trying Bucardo for a database-to-database publishing application. Full-on Postgres replication is not semantically appropriate in this application. However, I'm having a pervasive authentication issue with getting Bucardo running and doing anything interesting. It has been somewhat explored on this mailing list before, but I haven't been able to dig up a satisfactory resolution from the archives. If I can't resolve this issue, I'll have to abandon trying to use Bucardo.
Issue: Bucardo suffers from 'peer' authentication failures, even when the pg_hba.conf authentication mode is 'trust'. Peer authentication ultimately prevents adding a replication herd, though that appears to be an accident requiring two separate bugs, if peer authentication is a bug. I am seeing the same issue as Marc-Emmanuel Ramage, who did not receive a reply from his message: <https://mail.endcrypt.com/pipermail/bucardo-general/2015-February/002534.html> This thread has a resolution, using the 'trust' authentication method to get things set up and then moving on to something more secure: <https://mail.endcrypt.com/pipermail/bucardo-general/2014-November/002464.html> That advice worked for me, using this pg_hba.conf line (inserted in the appropriate place): host bucardo bucardo 127.0.0.1/32 trust Awkwardly, this is not working: local bucardo bucardo peer Shell transcript of trying to use Bucardo in 'peer' authentication mode: + sudo -u bucardo bucardo status DBI connect('dbname=bucardo;host=localhost;port=5432','bucardo',...) failed: FATAL: password authentication failed for user "bucardo" FATAL: password authentication failed for user "bucardo" at /usr/bin/bucardo line 267. The .pgpass file exists, with what looks like the right permissions: + sudo ls -la ~bucardo/.pgpass -rw------- 1 bucardo bucardo 68 Jul 20 14:19 /var/lib/bucardo/.pgpass So, this appears to be a replication of the issue Greg Mullane noted: <https://mail.endcrypt.com/pipermail/bucardo-general/2014-October/002426.html> In lieu of coming onto IRC and trying to catch up, I've attached a setup shell script, 'fail-peer.sh', that reproduces the issue in a fresh, patched Ubuntu 14.04 VM. I've added comments explaining the lines. Unfortunately, using 'trust' only gets me up to, not through, the point of being able to create a herd. I've attached another shell script, 'fail-herd.sh', that tries to bypass authentication issues by just using 'trust', but 'peer' authentication somehow comes up when trying to create a herd from the wiki instructions. If you run 'fail-herd.sh' in a fresh, patched Ubuntu 14.04 VM, you and I will be on the same page. My Perl knowledge isn't great, so I'm stuck on investigating the issue further. (For one thing, I don't understand why the context function is "validate_goat" while the containing function appears to be "add_all_goats.") However, from the database statement in the error message, could it be that the Postgres server needs to be specified? I can tell that people are doing useful work with Bucardo, and I'd like to be able to do the same. I hope someone can help with this issue, and I hope further that there is just some elementary Postgres error I'm making. Since I'm not the first person to be making this error, this may warrant a wiki update. —Alex
fail-peer.sh
Description: fail-peer.sh
fail-herd.sh
Description: fail-herd.sh
_______________________________________________ Bucardo-general mailing list [email protected] https://mail.endcrypt.com/mailman/listinfo/bucardo-general
