| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | kolo hhmow <grzsmp(at)gmail(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pam auth - add rhost item |
| Date: | 2015-10-14 19:52:34 |
| Message-ID: | CA+TgmoZ4ZCZ9sjkLLsBS4vHxKsTdzoKqgaZB5kGAbVxHa0KDrA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Oct 13, 2015 at 4:12 PM, kolo hhmow <grzsmp(at)gmail(dot)com> wrote:
> Yes, sorry. I was in hurry when I posted this message.
> I dont understand whay in CheckPAMAuth function only PAM_USER item is adding
> to pam information before authenticate?
> Wheter it would be a problem to set additional pam information like
> PAM_RHOST which is very useful because we can use this item to restrict
> access to this ip address.
> I hope I'm more specific now and you will understand me.
> Sorry, but I'm not native english speaker.
> Patch in attachment, and link below to web-view on github:
> https://github.com/grzsmp/postgres/commit/5e2b102ec6de27e786d627623dcb187e997609e4
I don't personally know much about PAM, but if you want to restrict
access by IP, you could do that in pg_hba.conf.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2015-10-14 19:56:46 | Re: [PROPOSAL] DIAGNOSTICS <var> = SKIPPED_ROW_COUNT |
| Previous Message | Robert Haas | 2015-10-14 19:21:41 | Re: Foreign join pushdown vs EvalPlanQual |