Re: authentication question - Mailing list pgsql-general

From Tom Lane
Subject Re: authentication question
Date
Msg-id 8133.1163091093@sss.pgh.pa.us
Whole thread Raw
In response to Re: authentication question  (Craig White <craigwhite@azapple.com>)
Responses Re: authentication question
Re: authentication question
List pgsql-general
Craig White <craigwhite@azapple.com> writes:
> I haven't had to fool too much with pam for authenticating other
> services so I'm a little bit out of my knowledge base but I know that it
> was simple to add netatalk into the pam authentication and expected that
> postgresql would be similar.

FWIW, we ship this PAM config file in the Red Hat PG RPMs:

#%PAM-1.0
auth        include        system-auth
account        include        system-auth

which AFAIR looks about the same as the corresponding files for other
services.  It's installed as /etc/pam.d/postgresql.

I concur with the other response that you need to find out where the
"Permission denied" failure is coming from.  There is no "audit_open"
in the Postgres sources so it sounds like an internal failure in the PAM
libraries.  If nothing else comes to mind, try strace'ing the postmaster
to see what kernel call draws that failure.

            regards, tom lane

pgsql-general by date:

Previous
From: Craig White
Date:
Subject: Re: authentication question
Next
From: Enrico
Date:
Subject: Datum problem