The following bug has been logged on the website:
Bug reference: 14653
Logged by: matan hury
Email address: matan.hury@imperva.com
PostgreSQL version: 9.6.1
Operating system: Linux rhel 7.2
Description:
Hi,
After a lot of attempts, I think that have a bug with PAM authentication
with PostgreSQL 9.6.
This is my configuration:
* On linux there's user -postgres with the same credentials of postgres user
on the DB server.
* The postgres user has permissions as root for /etc/shadow and
/etc/passwd.
* This is the PAM file of PostgreSQL:
auth include postgres=system-auth debug
account include postgres=system-auth
password include postgres=system-auth
#auth required pam_pgsql.so
#account required pam_pgsql.so
#password required pam_pgsql.so
* This is the system-auth file:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
password requisite pam_pwquality.so try_first_pass local_users_only
retry=3 authtok_type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass
use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond
quiet use_uid
session required pam_unix.so
* This is the METHOD option in pg_hba:
pam pamservice=PostgreSQL
* This is the error:
psql.bin: FATAL: PAM authentication failed for user "postgres"
I expect for your fast reply ...
Thanks.
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
