Continuing with this thread, I have some doubt about using SSL connections with
pgpool and postgreSQL, my pg_hba.conf have this configuration at this moment:
hostssl postgres pgpool 10.13.4.201/32
trust
hostssl template1 pgpool 10.13.4.201/32
trust
hostssl postgres sr_pgpool 10.13.4.201/32
trust
hostssl template1 sr_pgpool 10.13.4.201/32
trust
But in the postgreSQL log file, this error is shows:
LOG: connection received: host=10.13.4.201 port=50423
LOG: connection received: host=10.13.4.201 port=50424
LOG: connection authorized: user=sr_pgpool database=postgres
LOG: connection authorized: user=sr_pgpool database=postgres
LOG: statement: SELECT pg_is_in_recovery()
LOG: statement: SELECT pg_current_xlog_location()
LOG: disconnection: session time: 0:00:00.092 user=sr_pgpool database=postgres
host=10.13.4.201 port=50424
LOG: disconnection: session time: 0:00:00.096 user=sr_pgpool database=postgres
host=10.13.4.201 port=50423
LOG: connection received: host=10.13.4.201 port=50426
FATAL: no pg_hba.conf entry for host "10.13.4.201", user "pgpool", database
"postgres", SSL off
LOG: connection received: host=10.13.4.201 port=50428
LOG: connection authorized: user=sr_pgpool database=postgres
LOG: statement: SELECT pg_is_in_recovery()
LOG: disconnection: session time: 0:00:00.048 user=sr_pgpool database=postgres
host=10.13.4.201 port=50428
LOG: connection received: host=10.13.4.201 port=50432
LOG: connection authorized: user=pgpool database=template1
LOG: statement: SELECT pg_is_in_recovery()
LOG: disconnection: session time: 0:00:00.053 user=pgpool database=template1
host=10.13.4.201 port=50432
Why pgpool can connect to the database template1, and not to postgres database?
In what case pgpool connects to database postgres and in what case connects to
template1 database?
Regards.
-----Mensaje original-----
De: pgpool-general-boun...@pgfoundry.org
[mailto:pgpool-general-boun...@pgfoundry.org] En nombre de Lazaro Rubén García
Martinez
Enviado el: domingo, 20 de noviembre de 2011 06:43
Para: Guillaume Lelarge
CC: pgpool-general@pgfoundry.org
Asunto: Re: [Pgpool-general] Authentication method used for sr_check_password,
health_check_password and recovery_password
I am agree with you, but if it is not a bug, what is the purpose for having
sr_sheck_password property in pgpool.conf file?.
I think this property can confuse pgpool's users, for this reason I propose -1.
If you understand that this feature should be present in Pgpool 3.2, I will
agree with you too.
Regards.
________________________________________
De: Guillaume Lelarge [guilla...@lelarge.info]
Enviado el: domingo, 20 de noviembre de 2011 17:58
Para: Lazaro Rubén García Martinez
CC: Tatsuo Ishii; pgpool-general@pgfoundry.org
Asunto: RE: [Pgpool-general] Authentication method used for sr_check_password,
health_check_password and recovery_password
On Sun, 2011-11-20 at 17:24 -0430, Lazaro Rubén García Martinez wrote:
> I think this feature is very important, because having trust acces in
> pg_hba.conf is not a good idea.
I understand that and I agree with you. The problem is not on the
feature itself, but on which release it should be delivered. If the
feature is really urgent to get out there, then we should release 3.2
quickly. We shouldn't put it in 3.1.whatever because 3.1.whatever could
get out before 3.2.
Minor releases shouldn't change behaviour apart from bugfixes. That's an
important part of the trust you can have in a software. If we start to
add features on bugfix releases, many people will stop doing minor
updates on pgpool, afraid of bugs which might be included with new
features. I know I'll do if this will happen, and I won't encourage my
customers to upgrade their pgpool.
So, definite +1 to add this feature to pgpool, +1 to add it to 3.2, -1
to add it as a bugfix in 3.1.1. It definitely is not a bugfix.
--
Guillaume
http://blog.guillaume.lelarge.info
http://www.dalibo.com
_______________________________________________
Pgpool-general mailing list
Pgpool-general@pgfoundry.org
http://pgfoundry.org/mailman/listinfo/pgpool-general
_______________________________________________
Pgpool-general mailing list
Pgpool-general@pgfoundry.org
http://pgfoundry.org/mailman/listinfo/pgpool-general
