Re: anyone knows about pam_pgsql ? - Mailing list pgsql-general
| From | David Ford |
|---|---|
| Subject | Re: anyone knows about pam_pgsql ? |
| Date | |
| Msg-id | 3C23BF81.3080108@blue-labs.org Whole thread Raw |
| In response to | anyone knows about pam_pgsql ? (Peter Pilsl <pilsl@goldfisch.at>) |
| Responses |
Re: anyone knows about pam_pgsql ?
|
| List | pgsql-general |
For everyone who is using postgres for NSS, please email me and let me know what package you are using and where you got it. I would like to update my HOW-TO at http://blue-labs.org/clue/NSS-pgsql.php. Thank you, David Tommi Mäkitalo wrote: > > ------------------------------------------------------------------------ > > Subject: > > Re: [GENERAL] anyone knows about pam_pgsql ? > From: > > Tommi Mäkitalo <t.maekitalo@epgmbh.de> > Date: > > Mon, 26 Nov 2001 11:04:21 +0100 > To: > > Peter Pilsl <pilsl@goldfisch.at> > > To: > > Peter Pilsl <pilsl@goldfisch.at> > CC: > > postgres mailinglist <pgsql-general@postgresql.org> > > > Hello Peter, > > nss and pam are different things. Pam is almost unusable without a > suitable nss-module. Nss make a user to exist in your system. Pam > checkes (among other things), if he is allowed to use a service. If > you use pam_pgsql without libnss-pgsql you have to add every user to > your /etc/passwd. But you don't need to give them passwords. That's > what pam does. > > I checked my version of libnss-pgsql. I get a compile-error in > backend.c. The include-path of postgresql is errorenous. I checked > that and updated to 0.9.0tm3. The version libnss-pgsql-1.00 has the > same bug. > > There instructions to install the module is almost not there. You > should do this: > - download > - tar xvzf libnss-pgsql-0.9.0tm3.tar.gz > - cd libnss-pgsql-0.9.0tm3 > - ./configure > - make > - make install (as root) > - set up your database (you can find a example schema in crebas.sql) > - edit nss-pgsql.conf and copy to /etc/nss-pgsql.conf > - edit /etc/nsswitch.conf to use pgsql (change 'passwd: compat' to > 'passwd: files pgsql' and 'group: compat' to 'group: files pgsql' > > It should work now. You can try it out with 'chown pguser ttt'. The > file ttt need not exist. 'chown' should complain about it. If you > libnss does not work it complains about not existing user 'pguser'. > > > Tommi > > > Peter Pilsl wrote: > >> thnx a lot for your reply. I would like to give the nss a try, but I >> dont have the slightest idea how to use it (in case I managed to >> compile). >> >> I just know how to use pam by adding a appropriate login-file to >> /etc/pam.d/ that contains things like: >> auth required /lib/security/pam_securetty.so >> auth required /lib/security/pam_stack.so service=system-auth >> auth required /lib/security/pam_nologin.so >> account required /lib/security/pam_stack.so service=system-auth >> password required /lib/security/pam_stack.so service=system-auth >> session required /lib/security/pam_stack.so service=system-auth >> session optional /lib/security/pam_console.so >> >> how would look this enty in case I'm using one of the nss-pgsql-tools ? >> >> sorry, but I'm really 100% newbie on nss. >> thnx, >> peter >> >>> > ... > > > ---------------------------(end of broadcast)--------------------------- > TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to majordomo@postgresql.org so that your > message can get through to the mailing list cleanly
pgsql-general by date: