Thread: pgsql: Mention that PAM requires the user already exist in the database,
pgsql: Mention that PAM requires the user already exist in the database,
From
momjian@svr1.postgresql.org (Bruce Momjian)
Date:
Log Message: ----------- Mention that PAM requires the user already exist in the database, per Dick Davies. Modified Files: -------------- pgsql/doc/src/sgml: client-auth.sgml (r1.76 -> r1.77) (http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/client-auth.sgml.diff?r1=1.76&r2=1.77)
momjian@svr1.postgresql.org (Bruce Momjian) writes: > Mention that PAM requires the user already exist in the database, per > Dick Davies. I don't recall exactly what Dick suggested, but the patch as applied seems like fairly useless verbiage. Exactly which of our other auth methods allow users who *don't* exist in the database to log in? And why would anyone find it surprising that this does not happen? regards, tom lane
Re: pgsql: Mention that PAM requires the user already exist in the database,
From
Peter Eisentraut
Date:
Tom Lane wrote: > I don't recall exactly what Dick suggested, but the patch as applied > seems like fairly useless verbiage. Exactly which of our other auth > methods allow users who *don't* exist in the database to log in? > And why would anyone find it surprising that this does not happen? I think the difference is that PAM carries a user list of its own, and users might be led to believe that it's enough to create a user in the PAM system and it will automatically exist in the database. With the other authentication methods, there is no external user list. -- Peter Eisentraut http://developer.postgresql.org/~petere/