PgBouncer and auth to PostgreSQL

Anton Patsev picture Anton Patsev · Apr 12, 2017 · Viewed 12.1k times · Source

pgbouncer version 1.7.2

psql (9.5.6)

I try use auth_hba_file (/var/lib/pgsql/9.5/data/pg_hba.conf) in PgBouncer.

Config pgbouncer.ini

postgres = host=localhost port=5432 dbname=postgres user=postgres
test = host=localhost port=5432 dbname=test user=test
[pgbouncer]
logfile = /var/log/pgbouncer/pgbouncer.log
pidfile = /var/run/pgbouncer/pgbouncer.pid
listen_addr = *
listen_port = 6432
auth_type = hba
auth_hba_file = /var/lib/pgsql/9.5/data/pg_hba.conf
admin_users = postgres
stats_users = stats, postgres
pool_mode = session
server_reset_query = DISCARD ALL
max_client_conn = 100
default_pool_size = 20

cat pg_hba.conf | grep -v "#" | grep -v "^$"

local   all             all                              trust
host    all             all             127.0.0.1/32     trust
host    all             all             ::1/128          trust
host    test            test            10.255.4.0/24    md5

psql -h 10.233.4.16 -p 5432 -U test

Password for user test:
psql (9.5.6)
Type "help" for help.

test=> \q

psql -h 10.233.4.16 -p 6432 -U test

psql: ERROR:  No such user: test

tail -fn10 /var/log/pgbouncer/pgbouncer.log

LOG C-0x78f7e0: (nodb)/(nouser)@10.255.4.245:8963 closing because: No such user: test (age=0)
WARNING C-0x78f7e0: (nodb)/(nouser)@10.255.4.245:8963 Pooler Error: No such user: test
LOG C-0x78f7e0: (nodb)/(nouser)@10.255.4.245:8963 login failed: db=test user=test

But i cannot connect to postgresql (using PgBouncer) using pg_hba.conf

Can somebody help? May you have example for use auth_hba_file. Thanks

I changed config:

[root@dev-metrics2 pgbouncer]# cat pgbouncer.ini | grep -v ";" | grep -v "^$" | grep -v "#"

[databases]
postgres = host=localhost port=5432 dbname=postgres user=postgres
test = host=localhost port=5432 dbname=test auth_user=test
[pgbouncer]
logfile = /var/log/pgbouncer/pgbouncer.log
pidfile = /var/run/pgbouncer/pgbouncer.pid
listen_addr = *
listen_port = 6432
auth_query = SELECT usename, passwd FROM pg_shadow WHERE usename=$1
admin_users = postgres
stats_users = stats, postgres
pool_mode = session
server_reset_query = DISCARD ALL
max_client_conn = 100
default_pool_size = 20

Drop and Create user and DB

[local]:5432 postgres@postgres # DROP DATABASE test;
DROP DATABASE
[local]:5432 postgres@postgres # DROP USER test ;
DROP ROLE
[local]:5432 postgres@postgres # CREATE USER test with password 'test';
CREATE ROLE
[local]:5432 postgres@postgres # CREATE DATABASE test with owner test;
CREATE DATABASE

PGPASSWORD=test psql -h 10.233.4.16 -p 6432 -U test

Password for user test:
psql: ERROR:  Auth failed

tail -fn1 /var/log/pgbouncer/pgbouncer.log

LOG Stats: 0 req/s, in 0 b/s, out 0 b/s,query 0 us
LOG C-0x17b57a0: test/[email protected]:3069 login attempt: db=test user=test tls=no
LOG C-0x17b57a0: test/[email protected]:3069 closing because: client unexpected eof (age=0)
LOG C-0x17b57a0: test/[email protected]:3070 login attempt: db=test user=test tls=no
LOG C-0x17b57a0: test/[email protected]:3070 closing because: Auth failed (age=0)
WARNING C-0x17b57a0: test/[email protected]:3070 Pooler Error: Auth failed

Work config:

cat pgbouncer.ini | grep -v ";" | grep -v "^$" | grep -v "#"

[databases]
*= port=5432 auth_user=postgres
[pgbouncer]
logfile = /var/log/pgbouncer/pgbouncer.log
pidfile = /var/run/pgbouncer/pgbouncer.pid
listen_addr = *
listen_port = 6432
auth_query = SELECT usename, passwd FROM pg_shadow WHERE usename=$1
admin_users = postgres
stats_users = stats, postgres
pool_mode = session
server_reset_query = DISCARD ALL
max_client_conn = 100
default_pool_size = 20

Answer

Pirr picture Pirr · Dec 5, 2017

Try put space

*= port=5432 auth_user=postgres  # old string
* = port=5432 auth_user=postgres # new string

work for me