From: | Thomas Leduc <thomas(dot)leduc(at)cerma(dot)archi(dot)fr> |
---|---|
To: | Gémes Géza <geza(at)kzsdabas(dot)sulinet(dot)hu> |
Cc: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: postgresql 7.4.6 and pam_ldap |
Date: | 2005-01-06 09:19:01 |
Message-ID: | 20050106091901.GA15627@volga.lan.cerma.archi.fr |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Le 5 janvier 2005 à 22:20, Gémes Géza a écrit :
>
> I would suggest to retry it with a postgres user readable
> /etc/pam.d/postgresql
> an with a pg_hba.conf without postgres specified on the last field after
> pam. Also if you want ldap authentication, take care, that in
> /etc/pam.d/postgresql you don't reference any other non pam_ldap module,
> and your /etc/ldap.conf is readable by postgres user.
thank you for your help,
That's all i have done :
$ id
uid=26(postgres) gid=26(postgres) groupes=26(postgres)
$ cat /etc/pam.d/postgresql
auth required /lib/security//pam_ldap.so
$ cat pg_hba.conf
local all postgres ident sameuser
local all all pam
host all all 127.0.0.1/32 pam
host all all 192.168.10.0/24 pam
$ sed '/^#/d;/^$/d' /etc/ldap.conf
host 192.168.10.2
base ou=Users,dc=cerma,dc=archi,dc=fr
ssl no
pam_password md5
$ psql -U leduc leduc
Mot de passe :
psql: FATAL: PAM authentication échouée pour l'utilisateur "leduc"
=> DID NOT WORK !!!
# tail -f /var/log/postgresql
Jan 6 10:14:06 tage postgres[21450]: [1-1] TRACE: 00000: pam_authenticate a échoué : Conversation error
Jan 6 10:14:06 tage postgres[21450]: [1-2] EMPLACEMENT : CheckPAMAuth, auth.c:712
Jan 6 10:14:06 tage postgres[21450]: [2-1] FATAL: 28000: PAM authentication échouée pour l'utilisateur "leduc"
Jan 6 10:14:06 tage postgres[21450]: [2-2] EMPLACEMENT : auth_failed, auth.c:395
Jan 6 10:14:06 tage postgres[21450]: [3-1] ERREUR: 08006: Impossible d'envoyer les données du client : Relais brisé (pipe)
Jan 6 10:14:06 tage postgres[21450]: [3-2] EMPLACEMENT : internal_flush, pqcomm.c:1000
Jan 6 10:14:09 tage postgres[21451]: [1-1] TRACE: 00000: pam_acct_mgmt a échoué : User account has expired
Jan 6 10:14:09 tage postgres[21451]: [1-2] EMPLACEMENT : CheckPAMAuth, auth.c:723
Jan 6 10:14:09 tage postgres[21451]: [2-1] FATAL: 28000: PAM authentication échouée pour l'utilisateur "leduc"
Jan 6 10:14:09 tage postgres[21451]: [2-2] EMPLACEMENT : auth_failed, auth.c:395
=> "User account has expired" seems not to be true !
--
Thomas LEDUC
CNRS UMR 1563 - Laboratoire CERMA - Ecole d'Architecture de Nantes
Tel: +33 (0) 2 40 59 04 59 -- Fax : +33 (0) 2 40 59 11 77
EAN - Rue Massenet - BP 81931 - 44319 NANTES cedex 3
GPG KeyID: B2342343 Fingerprint: D62CF1A9D4BEDE671602504C46514CC8B2342343
From | Date | Subject | |
---|---|---|---|
Next Message | Dick Davies | 2005-01-06 09:53:01 | Re: postgresql 7.4.6 and pam_ldap |
Previous Message | Joshua D. Drake | 2005-01-06 03:14:22 | Re: query and stored procedures |