From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Helge Bahmann <bahmann(at)math(dot)tu-freiberg(dot)de> |
Cc: | pgsql-patches(at)postgresql(dot)org |
Subject: | Re: Allow IDENT authentication on local connections (Linux only) |
Date: | 2001-07-31 14:19:04 |
Message-ID: | 200107311419.f6VEJ4v13688@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
> On Tue, 31 Jul 2001, Bruce Momjian wrote:
> > I don't see any configure.in code here to test for the CRED capability.
> No, as I wrote in my mail; wanted to get some comment first, if this
> is useful at all. I'm no autoconf guru, so there may be a better
> way (help wanted!), but here it goes as a quick hack:
>
> AC_EGREP_CPP(yes,
> #include <sys/socket.h>
> #ifdef SO_PEERCRED
> yes
> #endif
> ],
> AC_DEFINE(HAVE_SO_PEERCRED),
> [])
>
> and a corresponding entry to config.h.in:
>
> /* Define if you have SO_PEERCRED */
> #undef HAVE_SO_PEERCRED
OK, no problem. It is easy to add.
> I'll make a new patch if you prefer.
>
> > How does this affect pg_hba.conf? Did you specify "trust" on that line?
> simply specify "ident", like the following:
>
> local all ident sameuser
>
> > Do we test when they have specified trust, and if not, what word do we
> > use?
> No, this would change semantics of an existing keyword. I think it is
> quite logical to use "ident" as a keyword for both local and remote
> connections.
This makes sense. We can't currently do local/indent and it makes sense
to use that here. I figure we could add this and add other OS's as we
need them. Does it report an pg_hba.conf error if your OS doesn't
support this?
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2001-07-31 14:50:35 | Re: Allow IDENT authentication on local connections (Linux only) |
Previous Message | Helge Bahmann | 2001-07-31 14:02:50 | Re: Allow IDENT authentication on local connections (Linux only) |