Skip site navigation (1) Skip section navigation (2)

Re: Allow IDENT authentication on local connections (Linux only)

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Helge Bahmann <bahmann(at)math(dot)tu-freiberg(dot)de>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Allow IDENT authentication on local connections (Linux only)
Date: 2001-07-31 14:19:04
Message-ID: 200107311419.f6VEJ4v13688@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-patches
> On Tue, 31 Jul 2001, Bruce Momjian wrote:
> > I don't see any configure.in code here to test for the CRED capability.
> No, as I wrote in my mail; wanted to get some comment first, if this
> is useful at all. I'm no autoconf guru, so there may be a better
> way (help wanted!), but here it goes as a quick hack:
> 
> AC_EGREP_CPP(yes,
> #include <sys/socket.h>
> #ifdef SO_PEERCRED
> yes
> #endif
> ],
> AC_DEFINE(HAVE_SO_PEERCRED),
> [])
> 
> and a corresponding entry to config.h.in:
> 
> /* Define if you have SO_PEERCRED */
> #undef HAVE_SO_PEERCRED

OK, no problem.  It is easy to add.


> I'll make a new patch if you prefer.
> 
> > How does this affect pg_hba.conf?  Did you specify "trust" on that line?
> simply specify "ident", like the following:
> 
> local	all	ident	sameuser
> 
> > Do we test when they have specified trust, and if not, what word do we
> > use?
> No, this would change semantics of an existing keyword. I think it is
> quite logical to use "ident" as a keyword for both local and remote
> connections.

This makes sense.  We can't currently do local/indent and it makes sense
to use that here.  I figure we could add this and add other OS's as we
need them.  Does it report an pg_hba.conf error if your OS doesn't
support this?

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

In response to

pgsql-patches by date

Next:From: Tom LaneDate: 2001-07-31 14:50:35
Subject: Re: Allow IDENT authentication on local connections (Linux only)
Previous:From: Helge BahmannDate: 2001-07-31 14:02:50
Subject: Re: Allow IDENT authentication on local connections (Linux only)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group