Satoshi Nagayasu wrote:
> Andrew Dunstan wrote:
> >don't use system auth. PAM can authenticate from many sources, not just
> >the system password files. LDAP is a commonly used source.
>
> The reason why I'm trying to use PAM, is I need a feature
> to account lock-out after N-times login failures on PG,
> like pam_tally module.
I think Andrew is suggesting using LDAP atop PAM, so you'd be able to
use pam_tally anyway -- just switch away from "system-auth".
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support