GNU bug report logs -
#36191
[PATCH] gnu: postgres service: More secure default permissions.
Previous Next
Reported by: Robert Vollmert <rob <at> vllmrt.net>
Date: Thu, 13 Jun 2019 13:52:01 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
This changes to 'peer' authentication for local socket connections,
and password-based authentication for local network connections.
* gnu/services/databases.scm (%default-postgres-hba): Change
authentication method.
---
gnu/services/databases.scm | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm
index 7113f1f2a1..ec31489d48 100644
--- a/gnu/services/databases.scm
+++ b/gnu/services/databases.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2017 Christopher Baines <mail <at> cbaines.net>
;;; Copyright © 2018 Clément Lassieur <clement <at> lassieur.org>
;;; Copyright © 2018 Julien Lepiller <julien <at> lepiller.eu>
+;;; Copyright © 2019 Robert Vollmert <rob <at> vllmrt.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -91,9 +92,9 @@
(define %default-postgres-hba
(plain-file "pg_hba.conf"
"
-local all all trust
-host all all 127.0.0.1/32 trust
-host all all ::1/128 trust"))
+local all all peer
+host all all 127.0.0.1/32 md5
+host all all ::1/128 md5"))
(define %default-postgres-ident
(plain-file "pg_ident.conf"
--
2.20.1 (Apple Git-117)
This bug report was last modified 6 years and 18 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.