Thread: BUG #1970: Existing /etc/pam.d/postgresql clobbered by RPM install
The following bug has been logged online: Bug reference: 1970 Logged by: Mark Gibson Email address: gibsonm@cromwell.co.uk PostgreSQL version: 8.0.4 Operating system: Redhat Enterprise Linux 4 Description: Existing /etc/pam.d/postgresql clobbered by RPM install Details: Hello, I noticed that when installing the 8.0.4 RPM's it replaced our existing /etc/pam.d/postgresql - this caused our system to break temporarily, as it was missing the following line: account required pam_stack.so service=system-auth I don't know whether this is required for all systems or is just a peculiarity of our setup, but could the RPM be changed to not clobber this file in the future. I believe some RPM's install conflicting configs with the .rpmnew extension. Cheers.
Hi, On Mon, 17 Oct 2005, Mark Gibson wrote: > Bug reference: 1970 > Logged by: Mark Gibson > Email address: gibsonm@cromwell.co.uk > PostgreSQL version: 8.0.4 > Operating system: Redhat Enterprise Linux 4 > Description: Existing /etc/pam.d/postgresql clobbered by RPM install > Details: > > Hello, I noticed that when installing the 8.0.4 RPM's > it replaced our existing /etc/pam.d/postgresql - this caused our system to > break temporarily, as it was missing the following line: > > account required pam_stack.so service=system-auth > > I don't know whether this is required for all systems or is just a > peculiarity of our setup, but could the RPM be changed to not clobber this > file in the future. I believe some RPM's install conflicting configs with > the .rpmnew extension. Cheers. AFAIK, RPMs look for RPM database for the existing files on the system. I think your file was not generated by any RPM, so our RPM wanted to replace it. I can't see any problems with adding account required pam_stack.so service=system-auth to our postgresql.pam file. If noone objects, we may release a new subversion of 8.0.4 with this fix (and elog patch of Tom). Regards, -- Devrim GUNDUZ Kivi Biliþim Teknolojileri - http://www.kivi.com.tr devrim~gunduz.org, devrim~PostgreSQL.org, devrim.gunduz~linux.org.tr http://www.gunduz.org
Devrim GUNDUZ <devrim@gunduz.org> writes: > I can't see any problems with adding > account required pam_stack.so service=system-auth See also https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167040 which is what inspired this to start with. Not knowing enough about PAM, I didn't get it right the first time :-( regards, tom lane
Hi, On Tue, 18 Oct 2005, Tom Lane wrote: > Devrim GUNDUZ <devrim@gunduz.org> writes: >> I can't see any problems with adding >> account required pam_stack.so service=system-auth > > See also > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167040 > which is what inspired this to start with. Not knowing enough about > PAM, I didn't get it right the first time :-( Ok, I fixed it with %if %pam %config(noreplace) /etc/pam.d/postgresql %endif in PGDG RPM spec file. However, as I wrote in pgsqlrpms-hackers list, in PGDG RPMs we can't use include directive in PAM config file since we are using same spec for all distros. Regards, -- Devrim GUNDUZ Kivi Biliþim Teknolojileri - http://www.kivi.com.tr devrim~gunduz.org, devrim~PostgreSQL.org, devrim.gunduz~linux.org.tr http://www.gunduz.org
Mark Gibson wrote: > > The following bug has been logged online: > > Bug reference: 1970 > Logged by: Mark Gibson > Email address: gibsonm@cromwell.co.uk > PostgreSQL version: 8.0.4 > Operating system: Redhat Enterprise Linux 4 > Description: Existing /etc/pam.d/postgresql clobbered by RPM install > Details: > > Hello, I noticed that when installing the 8.0.4 RPM's > it replaced our existing /etc/pam.d/postgresql - this caused our system to > break temporarily, as it was missing the following line: > > account required pam_stack.so service=system-auth > > I don't know whether this is required for all systems or is just a > peculiarity of our setup, but could the RPM be changed to not clobber this > file in the future. I believe some RPM's install conflicting configs with > the .rpmnew extension. Cheers. Please report this to the RPM maintainer. We do not create the RPMs. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Hi, On Mon, 24 Oct 2005, Bruce Momjian wrote: <snipped> > Please report this to the RPM maintainer. We do not create the RPMs. I thought we do? Our RPMs are marked as PGDG RPMs... -- Devrim GUNDUZ Kivi Biliþim Teknolojileri - http://www.kivi.com.tr devrim~gunduz.org, devrim~PostgreSQL.org, devrim.gunduz~linux.org.tr http://www.gunduz.org
Am Montag, 24. Oktober 2005 20:27 schrieb Devrim GUNDUZ: > I thought we do? Our RPMs are marked as PGDG RPMs... You can also mark them "gentoo", but RPM bugs should still ideally be reported to the RPM builder, not this forum.