Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sjXE5-001aHJ-2b for pgsql-general@arkaria.postgresql.org; Thu, 29 Aug 2024 04:57:41 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1sjXE2-00EoDk-Qr for pgsql-general@arkaria.postgresql.org; Thu, 29 Aug 2024 04:57:39 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sjXE2-00EoDb-EY for pgsql-general@lists.postgresql.org; Thu, 29 Aug 2024 04:57:39 +0000 Received: from mail-yw1-x112a.google.com ([2607:f8b0:4864:20::112a]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sjXDv-0021vE-3W for pgsql-general@postgresql.org; Thu, 29 Aug 2024 04:57:38 +0000 Received: by mail-yw1-x112a.google.com with SMTP id 00721157ae682-6b8f13f28fbso2320647b3.1 for ; Wed, 28 Aug 2024 21:57:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1724907450; x=1725512250; darn=postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=DfM1RB9OX44MrudyiBfkbsfpFl49fnErgy8JI6MRlJI=; b=UqmWZeqzn/HYEYIymUDCwrZGFBr9+RhynMK2y0hQ/t7CVsVBPv6TiThp53Hzo1x7XJ +UdMSYVFUdWyQd+tgNBbcroQlamr6b5hjv1u26gCjEiaLH1UieamOZ9+A7ds/3CUuV0C FpbHs3l5hFV52acPQwZG+rHAY3HZaOxW9mimzsvZUzYxdYbHpZLITKW8SH+4sxZhXG43 YwJrxocp+fNS9OMyjz+ngDESDrscyfcjE7NDmEx2EtKEYqmx4cyIVlCDcQXI60CSahxj L+7FF5lyw99kroVH9Iv9blpZL2qUrn/nfNImQdh00T6T3ynrIjEdY8LtCGUKmsr1tcMj yFoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724907450; x=1725512250; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DfM1RB9OX44MrudyiBfkbsfpFl49fnErgy8JI6MRlJI=; b=BMTJHMLKr0lTBisSnJ1I6p9Kntd6OiOwigNJnF7+HoER+sHwqfAbczE8G1zjX1Bojb o4hsejyj6ks1VOnP0XG/1KX3tquClSd/Zzn+WY68hisS5fN2hnTL9awFCUwzyxUTmIG/ TsAPV/Jmjwffnbat48Xs8SKC9nwTPyzdOcuavQ7Q7Bl9+Hq4Lo19bkpSk7jqSX+0K31E v6/9vThmz1wvOHO3LBVIlO2QqAzeQdNDvtmBgwsylohbYSrKPCz8cK1k8O1TRdnmSiMw FKHZ/UnrF3eGlkrCGGOjZWdP+3WU0eo0NPcfZjz5oe06c9Wn39HFMPHIc7tiAs5dW4n0 7rwA== X-Forwarded-Encrypted: i=1; AJvYcCW+wB5ng+5FTprqw5hBjBrkcH5C0CCYFryCA9QTK/xHgq56TfXQLtIXXiAhIgIj7Hjoc4PW5Uk14e8/5ogG@postgresql.org X-Gm-Message-State: AOJu0YyhFWx5+CgsNW3GGmP8lH6uP0fk9uT5e2u7vcGWfG1XmXNcJOim u5/uzN7hY2LM10o2iH6fccfw4lQHi0wO0CUDfEP9tAtsWsATMlYDCYZGLkI6qZAhjBTvlTisjJ7 xF/FbBUAUy57n2pH6nOU2G3U9dqu44+A5 X-Google-Smtp-Source: AGHT+IF8O2F7GvfDwgGAh5++skKayQIdCzt9+X64c8zSdY6jGG4LQtQ8b/pj7ECpPA2rpmuNY4eKun2RNDU7fUyrMYU= X-Received: by 2002:a05:690c:c8a:b0:6b0:5b97:8d82 with SMTP id 00721157ae682-6d27620c966mr18301377b3.18.1724907450481; Wed, 28 Aug 2024 21:57:30 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: KK CHN Date: Thu, 29 Aug 2024 10:27:39 +0530 Message-ID: Subject: Re: PgbackRest : Stanza creation fails on DB Server and Repo Server To: "David G. Johnston" Cc: Amitabh Kant , pgsql-general Content-Type: multipart/alternative; boundary="000000000000db46840620cb4f9c" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000db46840620cb4f9c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thank you all for the great help .. I couldn't get a chance to Restart the DB Cluster after making the changes highlighted. Correct me if I am wrong ( production server, down time requested. ) after editing the pg_hba.conf on DB server as follows local all all trust # IPv4 local connections: host all all 127.0.0.1/32 md5 host all all 10.0.0.0/8 md5 # IPv6 local connections: host all all ::1/128 md5 # Allow replication connections from localhost, by a user with the # replication privilege. local replication all peer #local replication all md5 host replication all 127.0.0.1/32 md5 host replication all ::1/128 md5 host replication all 10.0.0.0/8 md5 [root@db1 edb]# But a work around seems worked as follows : [root@db1 edb]# cat .pgpass *:*:replication:enterprisedb:my_password changed to [root@db1 edb]# cat .pgpass *:*:*:enterprisedb:password For those struggling with this issue this may help ... on the DB server's enterprisedb user's home directory ( Here it is /var/lib/edb/ ) [root@db1 edb]# cat .pgpass *:*:*:enterprisedb:password [root@db1 edb]# ls -al .pgpass -rw-------. 1 enterprisedb enterprisedb 28 Aug 29 09:26 .pgpass [root@db1 edb]# [root@db1 edb]# ls -al .pgpass -rw-------. 1 enterprisedb enterprisedb 28 Aug 29 09:26 .pgpass [root@db1 edb]# On Wed, Aug 28, 2024 at 8:28=E2=80=AFPM David G. Johnston < david.g.johnston@gmail.com> wrote: > On Wednesday, August 28, 2024, Amitabh Kant wrote= : > >> On Wed, Aug 28, 2024 at 8:00=E2=80=AFPM David G. Johnston < >> david.g.johnston@gmail.com> wrote: >> >>> On Wednesday, August 28, 2024, KK CHN wrote: >>> >>>> >>>> and I have .pgpass in DB server as >>>> >>> >>> You assumed this mattered but I see no mention that pgBackRest consults >>> this file. >>> >>> It seems to require the local entry in pg_hba.conf to use peer >>> authentication. >>> >>> David J. >>> >>> >> Section 21.4 on this page ( >> https://pgbackrest.org/user-guide.html#introduction ) does seem to >> mention the use of .pgpass file. I have no idea about the actual problem >> though. >> > > Yes, postgres itself uses .pgpass so when you configure streaming > replication between two servers, something that is doable regardless of > using pgBackRest, the server-to-server connection can utilize .pgpass. > > David J. > --000000000000db46840620cb4f9c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thank you all for the great help ..

I c= ouldn't get a chance to=C2=A0 =C2=A0 Restart the DB Cluster after makin= g the changes highlighted.=C2=A0 Correct me if I am wrong (=C2=A0 productio= n server,=C2=A0down time requested.=C2=A0=C2=A0) after editing the=C2=A0 = =C2=A0 =C2=A0pg_hba.conf=C2=A0 on=C2=A0 =C2=A0DB server as follows
local =C2=A0 all =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 trust
# IPv4 local connections:
host =C2=A0 = =C2=A0all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 127.0.0.1/32 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0md5
host =C2=A0 =C2=A0all =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 10.0.0.0/8 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0md5



# IPv6 local connections:=
host =C2=A0 =C2=A0all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 all =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ::1/128 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 md5
# Allow replication connections from loc= alhost, by a user with the
# replication privilege.
local =C2=A0 replication =C2=A0 =C2=A0 all = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0peer
#= local =C2=A0 replication =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 md5
host =C2=A0 =C2=A0replication =C2=A0 =C2=A0 all= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = 127.0.0.1/32 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0md5
host =C2= =A0 =C2=A0replication =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 ::1/128 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 md5<= br>host =C2=A0 =C2=A0replication =C2=A0 =C2=A0 all =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 10.0.0.0/8 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0md5
[root@db1 edb]#
=



But a work around=C2=A0 seems worked as fo= llows :=C2=A0

[root@db1 edb]# cat .pgpass*:*:replication:enterprisedb:my_password

changed= to=C2=A0

[root@db1 edb]# cat .pgpass
*:*:*:ent= erprisedb:password


For those strugg= ling with this issue=C2=A0 =C2=A0 this may help ...=C2=A0

on = the DB server's=C2=A0 =C2=A0enterprisedb user's=C2=A0 home director= y ( Here it is=C2=A0 /var/lib/edb/=C2=A0 )

[root@d= b1 edb]# cat .pgpass
*:*:*:enterprisedb:password
[root@db1 edb]# ls -= al .pgpass
-rw-------. 1 enterprisedb enterprisedb 28 Aug 29 09:26 .pgpa= ss
[root@db1 edb]#


[root@db1 edb]# ls -= al .pgpass
-rw-------. 1 enterprisedb enterprisedb 28 Aug 29 09:26 .pgpa= ss
[root@db1 edb]#


On Wed, Aug 28, 2024 at 8:28= =E2=80=AFPM David G. Johnston <david.g.johnston@gmail.com> wrote:
On Wednesday, August 28, 2024, Amitabh Kan= t <amitabhkan= t@gmail.com> wrote:
On Wed, Aug 28, 2024 at 8:00=E2=80=AFPM David G.= Johnston <david.g.johnston@gmail.com> wrote:
On Wednesday, Augus= t 28, 2024, KK CHN <kkchn.in@gmail.com> wrote:

and I have=C2=A0 =C2= =A0.pgpass in DB server as=C2=A0

You assumed this mattered but I see no mention that pgBackRest consults t= his file.

It seems to require the local entry in p= g_hba.conf to use peer authentication.

David J.


Section 21.4 on this pag= e ( https://pgbackrest.org/user-guide.html#introduction )=C2=A0= does seem to mention the=C2=A0use of .pgpass file. I have no idea about th= e actual problem though.

= Yes, postgres itself uses .pgpass so when you configure streaming replicati= on between two servers, something that is doable regardless of using pgBack= Rest, the server-to-server connection can utilize .pgpass.

David J.=C2=A0
--000000000000db46840620cb4f9c--