| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Praneel Devisetty <devisettypraneel(at)gmail(dot)com>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: User to get locked after three wrong login attempts. |
| Date: | 2018-09-05 17:48:32 |
| Message-ID: | 20180905174832.GO4184@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Greetings,
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Praneel Devisetty <devisettypraneel(at)gmail(dot)com> writes:
> > We have a requirement , where we require a user to get locked after three
> > wrong login attempts.
>
> The usual recommendation is to configure Postgres to use PAM
> authentication; then you can set up any weird requirements like
> this one in the PAM configuration.
Unfortunately, it's a pain to set up PAM and there's a lot of things in
the PAM stack which can't be used because PostgreSQL doesn't run as
root. We should really have a better solution to this pretty commonly
asked for capability; I'm hoping to find time soon to hack on that.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Steben | 2018-09-05 19:12:41 | will this upgrade strategy work? |
| Previous Message | Evan Bauer | 2018-09-05 16:43:41 | Re: How to get alerted automatically whenever a table structure is changed between Publisher and Subscriber in Logical Replication? |