Re: Allow IDENT authentication on local connections (Linux only) - Mailing list pgsql-patches

From Bruce Momjian
Subject Re: Allow IDENT authentication on local connections (Linux only)
Date
Msg-id 200107311327.f6VDRVu07865@candle.pha.pa.us
Whole thread Raw
In response to Allow IDENT authentication on local connections (Linux only)  (Helge Bahmann <bahmann@math.tu-freiberg.de>)
Responses Re: Allow IDENT authentication on local connections (Linux only)  (Helge Bahmann <bahmann@math.tu-freiberg.de>)
Re: Allow IDENT authentication on local connections (Linux only)  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-patches
This is an interesting patch.  We have toyed with the idea before of
getting credentials of unix-domain sockets.  I think each OS has
different ways of doing it.  Solaris and BSD have different ways too.

I don't see any configure.in code here to test for the CRED capability.
How does this affect pg_hba.conf?  Did you specify "trust" on that line?
Do we test when they have specified trust, and if not, what word do we
use?


> Hello,
>
> the attached patch against 7.1.2 allows to use identd-like authentication
> on unix domain sockets.
>
> This is done by getting the uid of the connecting process via
> getsockopt(... SO_PEERCRED ...) which to my knowledge is Linux-specific,
> but I may be wrong.
>
> The patch does not contain a configure macro to enable the feature, add
>     #define HAVE_SO_PEERCRED 1
> to include/config.h before building to activate it.
>
> I have been using this feature since 7.0.1 and would be grateful if
> something like this could be integrated.
>
> Regards,
> Helge

Content-Description:

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

pgsql-patches by date:

Previous
From: Helge Bahmann
Date:
Subject: Allow IDENT authentication on local connections (Linux only)
Next
From: Helge Bahmann
Date:
Subject: Re: Allow IDENT authentication on local connections (Linux only)