Hi James, it seems that the psql command connects to the server via UNIX domain socket /var/run/postgresql per default (so the first line in pg_hba.conf allow the access).
OpenXPKI tries a TCP connection. So you need to modify the entry with 127.0.0.1 in pg_hba.conf to your special localhost IP and it should allow access. The other option would be to configure OpenXPKI to use the UNIX domain socket too, but I would have to look up the details if you decided for that option. Cheers Jens > Am 08.02.2024 um 19:18 schrieb James B. Byrne via OpenXPKI-users > <openxpki-users@lists.sourceforge.net>: > openxpki-3.24.2 > FreeBSD-13.2p9 (jail.1) > PostgreSQL-16.1 > > service postgresql status > g_ctl: server is running (PID: 26750) > /usr/local/bin/postgres "-D" "/var/db/postgres/data16" > > > When I run psql -U openxpki -d openxpki I connect: > > psql -U openxpki -d openxpki > psql (16.1) > Type "help" for help. > > openxpki=> > > > However, when I run openxpkiadm hashpwd I get this error: > > 2024/02/08 12:49:46 Database error: connection failed; > __dbi_error__ => connection to server > at "localhost" (127.0.89.1), port 5432 failed: > FATAL: no pg_hba.conf entry for host "127.0.89.1", > user "openxpki", database "openxpki", no encryption > connection to server at "localhost" (127.0.89.1), port 5432 failed: > FATAL: no pg_hba.conf entry for host "127.0.89.1", > user "openxpki", database "openxpki", no encryption, > __dsn__ => dbi:Pg:host=localhost;port=5432;database=openxpki;sslmode=allow, > __source__ => DBI::connect, > __user__ => openxpki > > The contents of pg_hba.conf have these entries: > > # "local" is for Unix domain socket connections only > local all all trust > # IPv4 local connections: > host all all 127.0.0.1/32 trust > # IPv6 local connections: > host all all ::1/128 trust > > > As far as I can see the only anomalous element is the fact that localhost has > been defined in /etc/hosts as having IPv4 address 127.0.89.1. The use of this > address for localhost is a consequence of running the host as a FreeBSD jail > so > that 127.0.0.1 is not available. > > grep localhost /etc/hosts > ::89:1 localhost localhost.harte-lyne.ca > 127.0.89.1 localhost localhost.harte-lyne.ca openxpki-3 > > My question is: Why is openxpkiadm having this problem whereas psql, using the > same credentials as far as I can tell, does not? > > > -- > *** e-Mail is NOT a SECURE channel *** > Do NOT transmit sensitive data via e-Mail > Unencrypted messages have no legal claim to privacy > Do NOT open attachments nor follow links sent by e-Mail > > James B. Byrne mailto:byrn...@harte-lyne.ca > Harte & Lyne Limited http://www.harte-lyne.ca > 9 Brockley Drive vox: +1 905 561 1241 > Hamilton, Ontario fax: +1 905 561 0757 > Canada L8E 3C3 > > > > _______________________________________________ > OpenXPKI-users mailing list > OpenXPKI-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openxpki-users _______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
