Most commonly because you'd like to use JDBC to connect to your local Postgres server without using password auth. Very quickly you'll realise Unix sockets aren't supported in Java, so you can't use peer
authentication.
First, ensure your /var/lib/pgsql/pg_hba.conf
uses ident
for TCP/IP connections:
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
Install oidentd using yum
:
yum install oidentd -y
Alter /etc/sysconfig/oidentd
to force it to listen for IPv6 (using ::
):
# Oidentd startup options. See oidentd(8) man page for a complete list.
OIDENTD_OPTIONS="-a :: -u nobody -g nobody"
For use of identd
outside of your network, it's probably best to also have some sensible defaults in /etc/oidentd.conf
:
default {
default {
# Users may not spoof their ID
deny spoof
deny spoof_all
deny spoof_privport
# They may however opt to hide it or use a random numeric
allow random_numeric
allow numeric
allow hide
}
}