I have a PostgreSQL installation for which I would like to limit local
domain socket access to the postgres user and members of the "myadmin"
group. I've modified pg_hba.conf to trust local domain socket connections,
and changed these settings in postgresql.conf:

unix_socket_group = 'myadmin'
unix_socket_permissions = 0770

Using these settings, attempting to login via psql using different accounts
results in the following:

root:   connection refused
postgres: connection refused
myadmin: permission denied

When I look at the socket file in /tmp, I see the following:

srwx------  1 postgres postgres    0 Nov 13 10:03 .s.PGSQL.5432

I thought by changing postresql.conf the way I have, this should appear as:

srwxrwx---  1 postgres myadmin    0 Nov 13 10:03 .s.PGSQL.5432

What am I missing?  I'm currently running 64-bit PostgreSQL 8.4.1 on Centos
5.4.

Thanks in advance,

Joe

Reply via email to