| From: | Thomas Munro <tmunro(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Don't set PAM_RHOST for Unix sockets. |
| Date: | 2018-11-28 02:00:21 |
| Message-ID: | E1gRp9J-0003n9-9I@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Don't set PAM_RHOST for Unix sockets.
Since commit 2f1d2b7a we have set PAM_RHOST to "[local]" for Unix
sockets. This caused Linux PAM's libaudit integration to make DNS
requests for that name. It's not exactly clear what value PAM_RHOST
should have in that case, but it seems clear that we shouldn't set it
to an unresolvable name, so don't do that.
Back-patch to 9.6. Bug #15520.
Author: Thomas Munro
Reviewed-by: Peter Eisentraut
Reported-by: Albert Schabhuetl
Discussion: https://postgr.es/m/15520-4c266f986998e1c5%40postgresql.org
Branch
------
REL9_6_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/63d8350665c820203fd48e5690af01c33801fe46
Modified Files
--------------
src/backend/libpq/auth.c | 50 +++++++++++++++++++++++++++++-------------------
1 file changed, 30 insertions(+), 20 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2018-11-28 12:34:22 | pgsql: C comment: remove extra '*' |
| Previous Message | Thomas Munro | 2018-11-28 02:00:04 | pgsql: Don't set PAM_RHOST for Unix sockets. |