Skip site navigation (1) Skip section navigation (2)

Re: Re: [PATCHES] Patch to include PAM support...

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org, pgsql-patches(at)postgresql(dot)org
Subject: Re: Re: [PATCHES] Patch to include PAM support...
Date: 2001-08-25 04:47:52
Message-ID: 29626.998714872@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
"Dominic J. Eidson" <sauron(at)the-infinite(dot)org> writes:
>> Could we change the PAM code so that it tries to run the PAM auth cycle
>> immediately on receipt of a connection request?  If it gets a callback
>> for a password, it abandons the PAM conversation, sends off a password
>> request packet, and then tries again when the password comes back.

> I am attempting to do this in a way that's relatively elegant, and the
> code should get sent to -patches tomorrow sometime , after I've had time
> to do some testing.

I think that the main objection to the original form of the PAM patch
was that it would lock up the postmaster until the client responded.
However, that is *not* a concern any longer, since the current code
forks first and authenticates after.  Accordingly, you shouldn't be
complexifying the PAM code to avoid waits.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Tom LaneDate: 2001-08-25 04:50:48
Subject: Re: Does the oid column have an implicit index on it?
Previous:From: Bruce MomjianDate: 2001-08-25 04:33:29
Subject: MD5 for ODBC

pgsql-patches by date

Next:From: Dominic J. EidsonDate: 2001-08-25 05:16:49
Subject: Re: Re: [PATCHES] Patch to include PAM support...
Previous:From: Christopher Kings-LynneDate: 2001-08-25 03:08:12
Subject: RE: DROP CONSTRAINT (UNIQUE) preliminary support

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group