  Ʈ׷ pg_hba.conf Ȱ

  TPLUG(б POWER LINUX USER GROUP)  ȿ nogadax@kldp.org
  2000 44

    Ʈ׷  ĵ ȯ漳  pg_hba.conf
  ϰ, ̿    ϰ Ѵ. , JDBC 
  ̿ connection  ش.
  ______________________________________________________________________

  

  1. Domain Socket
  2. pg_hba.conf 
     2.1 Unix Domain Socket 
     2.2 Internet Domain Socket 
     2.3 Authentication method( )

  3.  ׽Ʈ
     3.1 Ʈ׷  н
     3.2 پ  

  4. JDBC CONNECTION ׽Ʈ
  5. Ÿ

  ______________________________________________________________________

  1.  Domain Socket

  pg_hba.conf  ΰ  ִ. ù° Unix Domain Socket
  ̰ ° Internet Domain Socket ̴.

   ̵  ̴.

  socket ̶ unix  μ   Ǵ īμ,
  ̷ ſ   μ Ű Ʈũ 
  ̿ϴ Ʈ ũ μ  ִ.

  socket  domain ̶   Ư  зǸ, 
   μ  Unix Domain Socket̶ϰ, Ʈũ
  μ   Internet Domain Socket (Ȥ TCP/IP  Domain Socket
  ) Ѵ.

  Unix Domain Socket  δ telnet   telnet 
  Ʈ׷  ̴.

  Internet Domain Socket  δ ODBC  JDBC    ,
  ٸ 󿡼 JDBC ̿ Ŭ̾Ʈ μ Ʈ׷
   ̴.  ׷Ƿ JDBC Ȥ, ODBC   Ʈ׷
  DB connection   Ҷ pg_hba.conf   Internet
  Domain Socket  Ͽ Ѵ.

   127.0.0.1  IP Address    μ  
  Ǿ  127.0.0.1  Ʈũ Ư IP ̹Ƿ ̴
  Ʈũ  ̿ϴ Ʈũ μ ̴.
  ׷Ƿ ̴ Internet Domain Socket  ȴ.

  2.  pg_hba.conf 

  (postgresql Host-Based-Access Control)

   pg_hba.conf  $PGDATA 丮 Ѵ. μ Ʈ׷
  Ʈ 丮 /usr/local/pgsql̴. ׸ PGDATA   
  /usr/local/pgsql/data ̴.

  pg_hba.conf  Ϲ ڵ ̷  ڵ
  Ư ¸  ϳ ̴.   տ #  Ǿ 
  ̴ ּ ó Ǿ ִ ̴.   ̸ ̴ õǾ
  .

  pg_hba.conf  ڵ ΰ зǸ ϳ Unix Domain Socket
  ̸ ٸ ϳ Internet Domain Socket(TCP/IP Domain) ̴.

  2.1.  Unix Domain Socket 

  ڵ 

   local  database  authentication method

   : local unix domain socket   Ѵ.
     database   Ϸ database ̸ 
     database   Ϸ all   ȴ.
     authentication method    Ѵ.

   1)

   local   all          trust

   : local   Ÿ̽(all)   ϸ
     Ϸ ڵ   ִ(trust) ڷ
     ϸ ٸ  ġ ʰ ٷ   ִ.

   psql   :

    psql template1

   2)

   local   template1    crypt

   : local  template1 Ÿ̽  ϸ 
      crypt  ģ. crypt ڿ  н带
       н ȣȭǾ  pg_shadow Ͽ
     ִ н Ѵ. 񱳵 н尡 ¾ 
      ȴ.

   psql   :

    psql -u template1

    (-u ɼ  н带 ´)

  2.2.  Internet Domain Socket 

  ڵ 

  host   databse  IP  IP_mask  auth  method

   : jdbc   Ŀؼ   ϴ client 
      Ϸ  ϰų 㸦  Ѵ.
     (, ٸ ȣƮ  Ʈ׷  
       Ϸ )

     host  template1  210.110.144.161  255.255.255.255  crypt

     : 210.110.144.161  IP  crypt  template1
      Ÿ̽  Ѵ.

     host  all        0.0.0.0          0.0.0.0          password

     :  Ÿ̽  IP ּҵ password 
        Ҽ ִ.

  2.3.  Authentication method( )

       TRUST :    ٸ   ٷ Ѵ.

       REJECT :     źѴ.

       CRYPT :     н带 ´. ̶ н
                  ȣȭǾ Ʈ׷ .

       PASSWORD :  н带 ´. ̶ н
                  ȣȭ   ״ 
                  Ʈ׷ .

          TCP/IP Domain  شȴ.

        krb4  : Kerberos V4
        krb5  : Kerberos V5
        ident : Ŭ̾Ʈ  ident  Ǿ
                $PGDATA/pg_ident.conf   Ͽ
                Ѵ.

  , Ʈũ  Ŀؼ Ϸ    ͳ ϴ
   ִ. ̴ ssh     Ŭ̾Ʈ Ʈ
  ׷   Ʈũ ؼ ssh ̿Ͽ ȭȭ  ִ.
     Ʈũ ؼ   ִ.

           Ʈ  .

                http://www.heimhardt.de/htdocs/ssh.html

  3.   ׽Ʈ

  3.1.  Ʈ׷  н

  ׽Ʈ  postgres     н带  Ѵ.
   н  Ʈ׷   ̸ telnet  α
   н ƴϴ.

  ⼭ Ʈ׷   postgres ̰ н
  nogadax ϸ ̿    .

       ܰ 1)

       [postgres@nogadax postgres]$ psql  template1
       template1=> alter user postgres with password "nogadax";
       ...
       template1=>\q

       ܰ 2)

       [postgres@nogadax postgres]$ vi $PGDATA/pg_hba.conf
       ...........
       ̺κп  κ  ּó 
       "local  all  crypt"   ߰Ѵ.
       ׷  ϰ  ´.
       ...........

       ܰ 3)

       [postgres@nogadax postgres]$ psql -u template1
       username : postgres
       passwd   : nogadax
       template1=>create user testusr with password "testusr" creatdb;
       ...........
       template1=>select usename from pg_user;

       usename
       ----------
        postgres
        testusr
        (2rows)

       template1=>\q

       ܰ 4)

       [postgres@nogadax postgres]$ psql -u template1
         username : testusr
         password : testusr

        template1=>\q
       [postgres@nogadax postgres]$

  3.2.  پ  

        1)   Ϲ ̴.

         local  all  trust
         host   all  127.0.0.1  255.255.255.255  trust

       local   (all) Ÿ̽   ϸ
       host  IP 127.0.0.1   Ѵ.

        2) crypt 

       crypt    ̸  н尡 Ǿ ־
       Ѵ.  psql ӽ -u ɼ Ͽ Ѵ.

         local  all  crypt
         host   all  210.110.144.161  255.255.255.255  crypt

        3) reject 

         host  all  210.110.144.161  255.255.255.255  reject

       210.110.144.161  IP   κ  
       ʴ´. , źѴ(reject)

        4) password 

        host  all  210.110.144.161 255.255.255.255  password

  4.  JDBC CONNECTION ׽Ʈ

  1. Ŭ̾Ʈ power linux 2  Ͽ δ accel 6.2
   Ͽ.  Ʈ׷ 7.0 beta3  Ͽ jdk1.2.2 
  Ͽ.

  2. ׽Ʈ  Ŭ̾Ʈ Ʈ׷ JDBC ̹ ġϿ
  ϸ ġ   ִ.  jdk1.1.x  Ѵٸ Ʈ׷
  JDBC1  Ͽ ϸ jdk1.2.x  Ѵٸ Ʈ׷ JDBC2 
  Ͽ Ѵ.

  3. Ŭ̾Ʈ JDBC ̹ ġ

   Ʈ׷ JDBC ̹ Ŭ̾Ʈ  丮
  Ѵ. ⼭ /usr/local/lib/jdbc_post/ 丮 Ͽ.
  ׷  CLASSPATH  ش.  CLASSPATH  ̴.

         CLASSPATH=/usr/local/lib/jdbc_post/postgresql.jar:.
         export  CLASSPATH

  4. Ʈ׷  pg_hba.conf   ־ Ѵ.
  ׽Ʈ JDBC ҽ   Ŭ̾Ʈ IP  "210.110.144.161"
  ̶ ϰ Ʈ׷ DB  IP ּҴ "210.110.144.162"
  Ѵ. ׽Ʈ ࿡ ռ DB  IP ּҰ
  "210.110.144.161" Ŭ̾Ʈ    Ͽ Ѵ.
     pg_hba.conf     ߰Ͽ Ѵ.

        host all 210.110.144.161 255.255.255.255  crypt

  5. Ʈ׷   α׷    Ѵ.
  ⼭ basic.java   ׽Ʈ Ѵ. Ʈ׷ JDBC  
  α׷ Ʈ׷ ҽ 丮 /src/interfaces/jdbc/example
  丮 ִ.

   basic.java ҽ  ù  "package example;" 
  óѴ.  (ּó ..)

   ó Ѵ.

       javac basic.java

   ó Ѵ.

  java basic jdbc:postgresql://210.110.144.162/template1 postgres
  nogadax

   IP 巹 "210.110.144.162"  Ʈ׷ ִ  IP
  ̰ "template1" Ͽ ׽ƮϷ Ÿ̴̽.
  "postgres"  Ϸϴ Ʈ׷  DB ڸ̰ "nogadax"
   н̴.

  IP  ڽ  °  ش.  ϳ 󿡼
  ׽Ʈ ϷѴٸ IP 127.0.0.1 ̸ pg_hba.conf   
  .

              host all 127.0.0.1 255.255.255.255  crypt

  5.  Ÿ

  Domain Socket    "Unix   "(ȫ 
  ǻ, ) "μ "κ Ͽ.

  pg_hba.conf  Ʈ׷ Admin's Guide  "SECURITY" κ
  Ͽ.
  Ʈ׷ JDBC ̹   Ʈ׷ Programmer's
  Guide  "JDBC Interface" κ Ͽ.

