Mark, This is, of course, if you aren't concerned about someone on that machine deleting all your databases. Do you also allow anyone on localhost to access the root account? :) If so, then that's what you're doing to PostgreSQL if you set the postgres account to "trust".
In today's world, we all need to be conscious of security. If you're talking about a test installation, then yes, "trust" might be appropriate. But if it's a development or production server, then I can't find a reason where "trust" would ever be needed. (On the other hand, "ident" is a bit overkill sometimes.) I'd say that the Install Docs and the "fresh_install" script need to be updated to encourage "md5" and to supply a password when setting up the database. --Joel -----Original Message----- From: Mark Diggory [mailto:[email protected]] Sent: Thursday, January 07, 2010 2:27 PM To: William Hays Cc: [email protected] Subject: Re: [Dspace-devel] Postgres 8.4.2 client authentication breaks fresh install of DSpace Bill, I tend to favor setting postgres to "trust" on localhost, I also encountered this on a recent installation on Enterprise RedHat 5 as well. Mark On Thu, Jan 7, 2010 at 8:38 AM, William Hays <[email protected]> wrote: > The most recent Postgres version 8.4.2 has changed the default client > authentication mechanisms in pg_hba.conf from "trust" to "ident" and > "md5". This is at least true of the Ubuntu package distribution. This > has the unfortunate result of breaking the fresh_install ant script for > deploying DSpace with a database authentication exception. My > experience was with a recent DSpace 1.5.2 distribution. > > At the very least, DSpace install documentation should probably specify > the appropriate authentication mechanism in pg_hba.conf to support the > local jdbc connection made by the ant fresh_install script. Whether > this is the most appropriate solution is another question. > > > -- > ------------ > William Hays > Technology Research & Development > MIT Libraries E25-131 > 617.324.5682 (phone) > [email protected] > > > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Dspace-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-devel > -- Mark R. Diggory Head of U.S. Operations - @mire http://www.atmire.com - Institutional Repository Solutions http://www.togather.eu - Before getting together, get t...@ther ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Dspace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-devel ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Dspace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-devel
