Re: Allow IDENT authentication on local connections (Linux only)

This is an interesting patch. We have toyed with the idea before of
getting credentials of unix-domain sockets. I think each OS has
different ways of doing it. Solaris and BSD have different ways too.

I don't see any configure.in code here to test for the CRED capability.
How does this affect pg_hba.conf? Did you specify "trust" on that line?
Do we test when they have specified trust, and if not, what word do we
use?

> Hello,
>
> the attached patch against 7.1.2 allows to use identd-like authentication
> on unix domain sockets.
>
> This is done by getting the uid of the connecting process via
> getsockopt(... SO_PEERCRED ...) which to my knowledge is Linux-specific,
> but I may be wrong.
>
> The patch does not contain a configure macro to enable the feature, add
> #define HAVE_SO_PEERCRED 1
> to include/config.h before building to activate it.
>
> I have been using this feature since 7.0.1 and would be grateful if
> something like this could be integrated.
>
> Regards,
> Helge

Content-Description:

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026