Skip site navigation (1) Skip section navigation (2)

Re: Re: [PATCHES] Patch to include PAM support...

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org, pgsql-patches(at)postgresql(dot)org
Subject: Re: Re: [PATCHES] Patch to include PAM support...
Date: 2001-08-25 04:47:52
Message-ID: (view raw or whole thread)
Lists: pgsql-hackerspgsql-patches
"Dominic J. Eidson" <sauron(at)the-infinite(dot)org> writes:
>> Could we change the PAM code so that it tries to run the PAM auth cycle
>> immediately on receipt of a connection request?  If it gets a callback
>> for a password, it abandons the PAM conversation, sends off a password
>> request packet, and then tries again when the password comes back.

> I am attempting to do this in a way that's relatively elegant, and the
> code should get sent to -patches tomorrow sometime , after I've had time
> to do some testing.

I think that the main objection to the original form of the PAM patch
was that it would lock up the postmaster until the client responded.
However, that is *not* a concern any longer, since the current code
forks first and authenticates after.  Accordingly, you shouldn't be
complexifying the PAM code to avoid waits.

			regards, tom lane

In response to


pgsql-hackers by date

Next:From: Tom LaneDate: 2001-08-25 04:50:48
Subject: Re: Does the oid column have an implicit index on it?
Previous:From: Bruce MomjianDate: 2001-08-25 04:33:29
Subject: MD5 for ODBC

pgsql-patches by date

Next:From: Dominic J. EidsonDate: 2001-08-25 05:16:49
Subject: Re: Re: [PATCHES] Patch to include PAM support...
Previous:From: Christopher Kings-LynneDate: 2001-08-25 03:08:12
Subject: RE: DROP CONSTRAINT (UNIQUE) preliminary support

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group