I'm trying to access to remote database from local machine.
Under su I use the following command:
psql -h remotehost.ru -U user -d test_psql
But without success: I try '\l' and see database-list, which mounted on local machine.
In pg_hba.conf (at local and remote machines):
host all user 0.0.0.0/0 md5
In postgresql.conf:
listen_addresses = '*'
Related
We have a postgres database server(10.3) installed on Centos7, and created a database with the name of "db_name". We have database access. The setting in pg_hba.conf is as the following:
# "local" is for Unix domain socket connections only
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
When I have sudo access, I can access the database "db_name".
[root#localhost bin]# sudo -s
[root#localhost bin]# psql -U db_name db_user
psql (10.3)
Type "help" for help.
db_name=>
When I tried to access database as a regular linux user, I got the following error:
[linuxuser#localhost bin]# psql -U db_name db_user
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
The reason we want to limit some users sudo access is that our report specialists need an access to the database "db_name", but we don't want them to have the sudo privilege to do something else.
What kind of settings shall I do in order to make it work?
Thanks!
I found the solution.
The cause of the problem is that there is no /var/run/postgresql/.s.PGSQL.5432 file existed.
By default, unix_socket_directories is '/tmp' which is set in postgresql.conf.
For some reason, the regular linux user is not looking at /tmp/.s.PGSQL.5432, but instead looking at /var/run/postgresql/.s.PGSQL.5432 file.
So the fix is as the following:
cd /var/run
mkdir postgresql
cd postgresql/
ln -s /tmp/.s.PGSQL.5432 .s.PGSQL.5432
The following command works as well.
psql -h /tmp -U db_user db_name
In PostgreSQL you should create a role to access the DB.
For that you will have to do this:
Change to postgres account (Created during installation of postgresql)
$ sudo -i -u postgres
Create a new role
postgres#server createuser --interactive
Output
Enter name of role to add: DB_Name
Shall the new role be a superuser? (y/n) y
Create Database
postgres#server createdb DB_Name
Create user, change to user and access to database
$ sudo adduser DB_Name
$ sudo -i -u DB_Name
$ psql
DB_Name=# \conninfo
References:
How To Install and Use PostgreSQL on CentOS 7
When you try to connect to postgres:
# psql -h localhost dgrt postgres
I get an error:
#User "postgres" has not passed authentication (Ident)
Configuration my files
postgresql.conf:
listen_addresses = '*'
pg_hba.conf:
#Allow replication connections from localhost, by a user with the
#replication privilege.
host all all 127.0.0.1/32 ident
With ident auth you need to launch the command as the correct OS user, i.e., the database username must match the OS username on the local host.
For example (as root) you can do:
# su postgres -c 'psql dgrt'
The same applies to connections to remote hosts. For details, please refer to the documentation.
For reference:
https://www.postgresql.org/docs/9.3/static/auth-methods.html#AUTH-IDENT
https://www.postgresql.org/docs/9.3/static/auth-pg-hba-conf.html
http://man7.org/linux/man-pages/man1/su.1.html
I am setting up the Hortonworks Hadoop stack on a single instance RHEL 7 node. I am stuck in the part where I am setting up my ambari-server, using my PostgreSQL 9.2.15 database (not default, not embedded).
I also intend to use this same PostgreSQL instance for Hive and Oozie.
After following the instructions from here:
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_ambari_with_postgresql.html
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_hive_with_postgresql.html
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_oozie_with_postgresql.html
Here's how I named my database, user and schema:
ambari, ambari, ambari
hive, hive
oozie, oozie
This is how I configured my /var/lib/pgsql/data/pg_hba.conf file:
# Default
local all all peer
host all all 127.0.0.1/32 ident
# added settings
local all ambari md5
host all ambari 0.0.0.0/0 md5
host all ambari ::/0 md5
host oozie oozie <my-host-ip>/0 md5
host hive hive <my-host-ip>/0 md5
I run this, for Hive and Oozie:
$ ambari-server setup --jdbc-db=postgres --jdbc-driver=/usr/share/java/postgresql-jdbc.jar
Then for the actual Ambari setup
$ ambari-server setup
Enter advanced database configuration [y/n]? y
...
Enter choice (1): 4
Hostname (localhost): <my-fqdn-host-name>
Port (5432):
Database name (ambari):
Postgres schema (ambari):
Username (ambari):
Enter Database Password (bigdata) : <my-ambari-password>
However, I can't start the ambari-server, as I get this from /var/log/ambari-server/ambari-server.log on a number of lines:
Internal Exception: org.postgresql.util.PSQLException: FATAL: Ident authentication failed for user "ambari"
Although I am sure that my password is correct, and I can even connect using
$ psql -h <my-fqdn-host-name> -U ambari -d ambari -W
password: <my-ambari-password>
$ psql -h <my-host-ip> -U ambari -d ambari -W
password: <my-ambari-password>
However, I can't connect with
$ psql -h localhost -U ambari -d ambari -W
password: <my-ambari-password>
psql: FATAL: Ident authentication failed for user "ambari"
$ psql -h 127.0.0.1 -U ambari -d ambari -W
password: <my-ambari-password>
psql: FATAL: Ident authentication failed for user "ambari"
And I get the same error as what I get from /var/log/ambari-server/ambari-server.log. I suspect that ambari-server setup is connecting via localhost, that's why I get the same error.
Can you tell what's wrong with my configuration with Ambari and/or Postgres?
The problem is your pg_hba.conf file.
It is parsed from top to bottom, and the first matching line is used.
In your case, the line chosen is
host all all 127.0.0.1/32 ident
(you seem to connect from localhost) which is not what you want.
Either remove that line or move it to the end of the file.
I just installed PostgreSQL 9.2 server on an EC2 AMI instance. However I am not able to connect to it from the command prompt.
Moreover I see two directories in /var/lib: pgsql9 and pgsql92. The data directory in pgsql92 is empty and hence it looks like pgsql9 is the one that is getting used.
[root#ip-172-31-56-103 etc]# psql
Password:
psql: FATAL: password authentication failed for user "root"
[root#ip-172-31-56-103 etc]# sudo su - postgres
-bash-4.2$ psql
Password:
psql: FATAL: password authentication failed for user "postgres"
-bash-4.2$ psql -U postgres
Password for user postgres:
psql: FATAL: password authentication failed for user "postgres"
-bash-4.2$
pg_hba.conf
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 ident
#host replication postgres ::1/128 ident
postgresql.conf
listen_addresses = '*'
To work out which PG install you are using: ps -ef | grep pgsql. You will see for sure which binary, data directory and conf file is being used to give you some comfort.
Have you changed the pg_hba.conf from the default? If so, did you reload it? Something like sudo service postgresql reload should do it, depending upon your OS.
You might want to change the IPv6 local connection to use md5 as well.
Try adding -h localhost or -h 127.0.0.1 to your psql command: e.g. psql -h localhost -U postgres.
Check your postgres password to be doubly / triply sure.
Otherwise, check out the specific docs for your OSs installation. Sometimes apt or yum repos do some additional security configuration for you.
Finally, worst case, change all the pg_hba.conf auth methods to trust, then restart the database, logon, change the postgres password, logout, change the auth methods to md5, reload and try to logon again.
Postgresql server running and verified on 5432 on my localhost system:
If I type: psql -l I get the following response:
psql: could not connect to server: No such file or directory
Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
If I type psql -h localhost -l, it works and gives me a list of the databases.
The pg_hba.conf file is wide open, showing:
TYPE DATABASE USER ADDRESS METHOD
The value "local" is for Unix domain socket connections only:
local all all trust
Allow any IP to connect without password:
host all all 0.0.0.0/0 trust
IPv4 local connections:
host all all 127.0.0.1/32 trust
IPv6 local connections:
host all all ::1/128 trust
What have I missed? On other systems the first call from the command line works fine.
It sounds like when you are running the command you are connecting to localhost, not the file socket.. try
psql -h localhost -p 5432
Default Admin Login sudo -u postgres psql
Login into specific db with privilages psql -h host -p port -U User_Name db_name
Is the server running locally and accepting connections on Unix domain
socket "/var/run/postgresql/.s.PGSQL.5432"?
This just means that the unix_socket_directory configuration parameter on the server differs from the default of the client-side psql.
/var/run/postgresql is the default Unix domain socket path for Debian-based packages. For a self-compiled server, it is /tmp. It may also be a custom path specified in postgresql.conf or through a start directive.
Assuming it's /tmp you could do psql -l -h /tmp. The command knows that the parameter following -h is to be interpreted as a directory and not as a hostname because it starts with a slash.