| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Satoshi Nagayasu <nagayasus(at)nttdata(dot)co(dot)jp> |
| Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, Albe Laurenz <all(at)adv(dot)magwien(dot)gv(dot)at>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PAM auth |
| Date: | 2006-06-20 13:05:07 |
| Message-ID: | 20060620130507.GI26882@surnet.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Satoshi Nagayasu wrote:
> Andrew Dunstan wrote:
> >don't use system auth. PAM can authenticate from many sources, not just
> >the system password files. LDAP is a commonly used source.
>
> The reason why I'm trying to use PAM, is I need a feature
> to account lock-out after N-times login failures on PG,
> like pam_tally module.
I think Andrew is suggesting using LDAP atop PAM, so you'd be able to
use pam_tally anyway -- just switch away from "system-auth".
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martijn van Oosterhout | 2006-06-20 13:14:09 | Re: shall we have a TRACE_MEMORY mode |
| Previous Message | Alvaro Herrera | 2006-06-20 12:57:14 | Re: shall we have a TRACE_MEMORY mode |