From the objective of OSS-DB Exam Silver
- Operation management - configuration file
Sample Question
1.42
Choose two incorrect descriptions from the below descriptions about the pg_hba.conf file.
- For each database in the database cluster, you can specify the users that should be granted or denied access.
- For each table in the database, you can specify the users who should allow or deny access.
- Host that can access the database can be specified by host name or IP address.
- If there is both a setting to permit connection and a setting to reject, the connection is permitted.
-
If neither the setting to permit or reject to connect, the connection is rejected.
※This sample exam is different from those that appear in the actual OSS-DB Exam.
2019/05/30
Answer and Explanation
A method for specifying a combination of database, user, and access source host in the database cluster. For authentication methods, various methods can be specified, including trust unconditionally permitted, reject unconditionally rejecting, md5 using encrypted passwords.
Specifying the access destination for each database. Access privileges for individual tables in the database can not be specified in pg_hba.conf. Please use SQL GRANT statement, REVOKE statement to specify.
Up to PostgreSQL 9.1, it was possible to designate only the IP address range for the access source host, but from version 9.2 it is now possible to specify the host name as well.
In pg_hba.conf, write one authentication condition on one line. Look for the record matching the combination of database, user, and access source in order from the first row. We will use the authentication method of the first line found. Even if there is a record of a combination matching below it, it will not be adopted.
If a matching line is not found, the connection is rejected.
Since it is a matter of choosing what is wrong, the correct answers are B and D.
For pg_hba.conf, refer to the following page of the manual.