From: | Jan Wieck <JanWieck(at)Yahoo(dot)com> |
---|---|
To: | Jason Tesser <JTesser(at)nbbc(dot)edu> |
Cc: | "Pgsql (E-mail)" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: pam authentication for postgres |
Date: | 2003-11-27 00:05:01 |
Message-ID: | 3FC53FAD.2070306@Yahoo.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Jason,
it seems you are unfamiliar with the basic rules of user support. If you
try to filter as much as possible and only post the tiny snippets of
information "you" think are important, the chances that someone else
finds the point you overlooked are close to none.
Please post a comprehensive description of what you're trying to do
together with the configuration files you use.
Jan
Jason Tesser wrote:
> sorry for teh double posting I forgot the steps at the end
>
> OK I am still trying to get pam working
>
> here is the messages I have is the log from trying to log in
>
> Nov 26 08:55:16 localhost postgresql(pam_unix)[22693]: authentication failure; logname= uid=26 euid=26 tty= ruser= rhost= user=cherring
> Nov 26 08:55:16 localhost pam_winbind[22693]: user 'cherring' granted acces
>
> as you can see winbind is actually granting access but fro some reason poasgres still denies it.
> weird. any ideas.
>
> the steps I have done are listed below
>> note: i'm no sysad, nor do i even pretend to understand pam, the linux kernel,
>> or postgresql, but this setup is a safe, working, postgresql/linux/pam setup.
>>
>> 0) configure postgresql for pam, for example
>>
>> [root ( at ) omega tmp]# grep pam /usr/local/pgsql/data/pg_hba.conf
>> host all all 137.75.0.0 255.255.0.0 pam
>>
>> 1) create a /etc/pam.d/postgresql entry, here's how i did mine
>>
>> [root ( at ) omega tmp]# cp /etc/pam.d/passwd /etc/pam.d/postgresql
>>
>> i don't know if it's the best setup, but it works! mine looks like this
>>
>> [root ( at ) omega tmp]# cat /etc/pam.d/postgresql
>> #%PAM-1.0
>> auth required /lib/security/pam_stack.so service=system-auth
>> account required /lib/security/pam_stack.so service=system-auth
>> password required /lib/security/pam_stack.so service=system-auth
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: the planner will ignore your desire to choose an index scan if your
> joining column's datatypes do not match
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #
From | Date | Subject | |
---|---|---|---|
Next Message | greg | 2003-11-27 01:47:46 | Re: postgres metadata |
Previous Message | Stephen Robert Norris | 2003-11-26 23:59:13 | Re: Humor me: Postgresql vs. MySql (esp. licensing) (OT) |