Sample Exam Questions

From the objective of OSS-DB Exam Silver
S2.3 Configuration files (pg_hba.conf)

Sample Question


Choose two appropriate descriptions for pg_hba.conf.

  1. It was used until PostgreSQL version 9.6, but was deprecated in version 10.

  2. You can manage passwords for database users.

  3. You can manage various user privileges granted or revoked by GRANT/REVOKE.

  4. You can control whether other machines on the network can connect to the database.

  5. You can manage the authentication method used for connection to each database in a database cluster.

※This sample exam is different from those that appear in the actual OSS-DB Exam.

Answer and Explanation

The HBA in pg_hba.conf stands for Host-Based
Authentication, and this file defines the authentication method used for clients when they connect to the database. Its default location is in the data directory of the database cluster. It is a text file that usually contains a collection of lines in the following format:
   local   DB_name   username   authentication_method
   host   DB_name   username   IP_address   authentication_method
The first field is 'local' if Unix domain socket is used for connection, and 'host' if TCP/IP is used.
You can specify an authentication method for a combination of destination database name, database user name, and client IP address.
If 'all' is specified for the DB_name, then it means all databases in the database cluster, and if 'all' is specified for the user name, then it means all database users. You can specify IP addresses by host name, domain name, network address (for example,, and so on.
If the combination of the connection source, destination DB, and user name is not found in this file, the connection is rejected. In other words, you can control whether other machines on the network can connect to the database.
Passwords for database users or user privileges controlled by GRANT/REVOKE are managed in the database and have nothing to do with this file.

So the correct answers are D and E.