| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Magnus Hagander <mha(at)sollentuna(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, kovert(at)omniscient(dot)com |
| Subject: | Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2 |
| Date: | 2005-10-15 15:29:50 |
| Message-ID: | 200510151529.j9FFToa09007@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Magnus Hagander wrote:
> Previously, we set pg_krb5_server to NULL, which is something completely
> different than pg_krb_srvname=NULL (yes, they are named very closely,
> but they are completely different things). krb5_sname_to_principal()
> was never called.
>
> This is what wasn't working for me.
>
> > I have applied the following patch which updates the
> > documentation to reflect 'localhost', and improves the error
> > message to always print the server name as well as the
> > service name. (We have had complaints about poor Kerberos
> > error messages before.)
>
> This is not correct.
> The default is *not* "localhost". It's the "local host name". As in
> what's returned by gethostname().
Ah, local host name, not localhost. Poor wording. Text updated:
If not set, the default is the server hostname. See <xref
linkend="kerberos-auth"> for details. This parameter can only be set at
server start.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-10-15 15:45:49 | Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2 |
| Previous Message | Magnus Hagander | 2005-10-15 14:35:40 | Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2 |