Skip site navigation (1) Skip section navigation (2)

Re: 7.4.3 and PAM authentication failures

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Dallas N Antley <dna+pgsql(at)clas(dot)ufl(dot)edu>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: 7.4.3 and PAM authentication failures
Date: 2004-08-16 23:35:44
Message-ID: 18655.1092699344@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
Dallas N Antley <dna+pgsql(at)clas(dot)ufl(dot)edu> writes:
> I think I know why pam authentication fails with the pam_unix*
> modules, but would appreciate your opinion.

I think you've proven that the particular PAM modules you are testing
with are useless for programs executing as non-root, but that doesn't
mean the entire concept is broken.  Look around ... there are lots of
PAM modules (or at least that's the theory).

BTW, what are those "door_info()" and "door_call()" calls shown in the
truss output?  Could it be that those are supposed to get the PAM code
into a higher authorization level?

			regards, tom lane

In response to

pgsql-admin by date

Next:From: Dallas N AntleyDate: 2004-08-17 02:06:49
Subject: Re: 7.4.3 and PAM authentication failures
Previous:From: Christopher BrowneDate: 2004-08-16 22:52:42
Subject: Re: [ADMIN] Pseudo-Off-topic-survey: Opinions about future of Postgresql(MySQL)?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group