From: | matan(dot)hury(at)imperva(dot)com |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | BUG #14653: PAM authentication failed |
Date: | 2017-05-14 07:16:41 |
Message-ID: | 20170514071641.1451.11145@wrigleys.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 14653
Logged by: matan hury
Email address: matan(dot)hury(at)imperva(dot)com
PostgreSQL version: 9.6.1
Operating system: Linux rhel 7.2
Description:
Hi,
After a lot of attempts, I think that have a bug with PAM authentication
with PostgreSQL 9.6.
This is my configuration:
* On linux there's user -postgres with the same credentials of postgres user
on the DB server.
* The postgres user has permissions as root for /etc/shadow and
/etc/passwd.
* This is the PAM file of PostgreSQL:
auth include postgres=system-auth debug
account include postgres=system-auth
password include postgres=system-auth
#auth required pam_pgsql.so
#account required pam_pgsql.so
#password required pam_pgsql.so
* This is the system-auth file:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
password requisite pam_pwquality.so try_first_pass local_users_only
retry=3 authtok_type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass
use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond
quiet use_uid
session required pam_unix.so
* This is the METHOD option in pg_hba:
pam pamservice=PostgreSQL
* This is the error:
psql.bin: FATAL: PAM authentication failed for user "postgres"
I expect for your fast reply ...
Thanks.
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2017-05-14 15:40:25 | Re: BUG #14650: pg_dump -c fails when 'public' schema doesn't exist |
Previous Message | Andres Freund | 2017-05-13 23:16:11 | Re: BUG #14530: Logical Decoding Slowness |