Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Magnus Hagander <mha(at)sollentuna(dot)net>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, kovert(at)omniscient(dot)com
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Date: 2005-10-15 15:29:50
Message-ID: 200510151529.j9FFToa09007@candle.pha.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Magnus Hagander wrote:
> Previously, we set pg_krb5_server to NULL, which is something completely
> different than pg_krb_srvname=NULL (yes, they are named very closely,
> but they are completely different things). krb5_sname_to_principal()
> was never called.
>
> This is what wasn't working for me.
>
> > I have applied the following patch which updates the
> > documentation to reflect 'localhost', and improves the error
> > message to always print the server name as well as the
> > service name. (We have had complaints about poor Kerberos
> > error messages before.)
>
> This is not correct.
> The default is *not* "localhost". It's the "local host name". As in
> what's returned by gethostname().

Ah, local host name, not localhost. Poor wording. Text updated:

If not set, the default is the server hostname. See <xref
linkend="kerberos-auth"> for details. This parameter can only be set at
server start.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Tom Lane 2005-10-15 15:45:49 Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Previous Message Magnus Hagander 2005-10-15 14:35:40 Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2