PostgreSQL authenticaion

cjm51213 · September 10, 2024, 12:45am

Hi Folks,

I am a QuickBooks refugee, which has no bearing on my question.

PostgreSQL apparently has two mutually exclusive authentication modes – “Peer” and “Password”. PostgreSQL installs under the assumption that “Peer” is the correct choice. This apparently means that access is granted based on your OS username. From my review of /etc/tryton.conf, I believe that Tryton expects to be able to authenticate with “Password”.

So:

Does Tryton expect to use “password” authentication?
Can Tryton use “Peer” authentication?

Thanks for the help,

Chris.

dotbit · September 10, 2024, 5:47am

A trusted user in pg_hba.conf, and no password in trytond.conf works, just tested.
I use psql to test. As the trusted user, if psql connects to the database, then peer auth works.

ced · September 10, 2024, 7:01am

In addition, the user must be created in PostgreSQL using the same name as the username on the OS using createuser. This must be executed as the OS user running PostgreSQL (usually postgres).

cjm51213 · September 10, 2024, 4:01pm

Hi Follks,

I have learned much about PostgreSQL, but apparently not enough. I have a user (role) tryton as demonstrated by “\du” in psql. I have a database “tryton” as demonstrated by “\l” in psql. It is owned by Tryton. I have granted user “tryton” all privileges on database “tryton”. I am permitting BOTH peer and password authentication in pg_hba.conf.

My research indicates that:

local all all peer
local all all md5

is a valid pg_hba.conf

I can “su - tryton” and transact as user “tryton”. This is clearly “peer” authentication. I cannot, as root, “psql -U tryton -W”. This is clearly “password” authentication. The error message indicates a failure of peer authentication.

So, I clearly have PostgreSQL misconfigured.

I’m not sure where to look next.

Thanks for the help.

Chris.

ced · September 10, 2024, 4:14pm

So the password you type is wrong.

cjm51213 · September 10, 2024, 4:31pm

Hi Ced,

No, I’m pretty sure it is correct. It is a development installation for now, so everything uses the same throw-away password. It is unlikely that I have mistyped it hundreds of times. And it is the same for any place a password is required.

However, I have clearly made at least one mistake, which has no bearing on the question before me, but does advance the problem. I forgot “–all” on the “trytond-admin” command. So, now I have a valid database, and I am able to get to the “password challenge” on the tryton client.

I still have PostgreSQL authentication issues, but those are not Tryton problems, and I’ll take them to a different forum.

Thanks for the help,

Chris.

P.S.: How do I mark this thread “closed”?

system · September 11, 2024, 4:32am

This topic was automatically closed 12 hours after the last reply. New replies are no longer allowed.